
Security Tool Removal

Discussion in 'Virus & Other Malware Removal' started by wadekcwade, Oct 30, 2009.

Thread Status:
Not open for further replies.
  1. wadekcwade

    wadekcwade Thread Starter

    Thank you for the service. I contracted Security Tool somehow and since then have probably downloaded additional scam tools to try to get rid of it. I ran spy doctor, Malwarebytes, superspyware, and tried to run Ad-Aware. Honestly, I just don't have any idea what I am doing. I also downloaded OTS.exe and ran a scan; the first part of the info will follow. Again, thanks for the help! Symptoms include redirecting, slow start, and additionally threats of credit card info being transferred out of my PC.



    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days

    [Processes - Safe List]
    ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/10/30 17:45:50 | 00,523,264 | ---- | M] (OldTimer Tools)
    wmiprvse.exe -> C:\WINDOWS\system32\wbem\wmiprvse.exe -> [2009/02/06 12:39:29 | 00,227,840 | ---- | M] (Microsoft Corporation)
    explorer.exe -> C:\WINDOWS\explorer.exe -> [2007/06/13 06:23:07 | 01,033,216 | ---- | M] (Microsoft Corporation)
    prismxl.sys -> C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -> [2005/09/07 03:57:48 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.)
    aolacsd.exe -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -> [2004/10/20 10:40:04 | 00,010,328 | ---- | M] (America Online)
    aoltsmon.exe -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -> [2004/10/15 16:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
    aoltpspd.exe -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe -> [2004/10/15 16:54:12 | 00,046,768 | ---- | M] (America Online Inc)
    wdfmgr.exe -> C:\WINDOWS\system32\wdfmgr.exe -> [2004/08/11 04:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation)
    wscntfy.exe -> C:\WINDOWS\system32\wscntfy.exe -> [2004/08/04 15:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation)
    brmfrmps.exe -> C:\WINDOWS\system32\Brmfrmps.exe -> [2003/05/05 20:30:22 | 00,065,536 | ---- | M] (Brother Industries, Ltd.)
    brsvc01a.exe -> C:\WINDOWS\system32\brsvc01a.exe -> [2002/04/11 20:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd)
    brss01a.exe -> C:\WINDOWS\system32\brss01a.exe -> [2001/12/12 20:01:00 | 00,045,056 | ---- | M] (brother Industries Ltd)

    [Win32 Services - Safe List]
    (gusvc) Google Software Updater [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/10/27 16:41:34 | 00,182,768 | ---- | M] (Google)
    (PrismXL) PrismXL [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -> [2005/09/07 03:57:48 | 00,172,032 | ---- | M] (New Boundary Technologies, Inc.)
    (AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -> [2004/10/20 10:40:04 | 00,010,328 | ---- | M] (America Online)
    (AOL TopSpeedMonitor) AOL TopSpeed Monitor [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -> [2004/10/15 16:54:14 | 00,100,016 | ---- | M] (America Online, Inc)
    (UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\wdfmgr.exe -> [2004/08/11 04:45:04 | 00,038,912 | ---- | M] (Microsoft Corporation)
    (helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -> [2004/08/04 15:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation)
    (aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -> [2004/07/15 02:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation)
    (brmfrmps) Brother Popup Suspend service for Resource manager [Win32_Own | Auto | Running] -> C:\WINDOWS\System32\Brmfrmps.exe -> [2003/05/05 20:30:22 | 00,065,536 | ---- | M] (Brother Industries, Ltd.)
    (Brother XP spl Service) BrSplService [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\brsvc01a.exe -> [2002/04/11 20:00:00 | 00,057,344 | ---- | M] (brother Industries Ltd)

    [Driver Services - Safe List]
    (AegisP) AEGIS Protocol (IEEE 802.1x) v3.4.5.0 [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\AegisP.sys -> [2009/10/09 11:45:49 | 00,021,035 | ---- | M] (Meetinghouse Data Communications)
    (RTL8187B) NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wg111v3.sys -> [2007/12/28 15:02:12 | 00,287,232 | ---- | M] (Realtek Semiconductor Corporation )
    (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2007/11/13 06:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
    (EAPPkt) Realtek EAPPkt Protocol [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\EAPPkt.sys -> [2007/10/09 13:13:00 | 00,038,144 | ---- | M] (Realtek)
    (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BLKWGU.sys -> [2005/11/10 14:54:56 | 00,402,944 | R--- | M] (Belkin Corporation)
    (ASCTRM) ASCTRM [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\asctrm.sys -> [2005/09/07 04:14:06 | 00,008,552 | ---- | M] (Windows (R) 2000 DDK provider)
    (SABProcEnum) SABProcEnum [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\sabprocenum.sys -> [2005/03/21 11:00:24 | 00,004,096 | ---- | M] (SuperAdBlocker.com)
    (RT2500USB) RT2500 USB Wireless LAN Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\rt2500usb.sys -> [2005/03/12 17:48:10 | 00,243,456 | R--- | M] (Ralink Technology Inc.)
    (ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ALCXWDM.SYS -> [2004/12/02 00:40:08 | 02,300,928 | ---- | M] (Realtek Semiconductor Corp.)
    (SunkFilt) Alcor Micro Corp Reader [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Sunkfilt.sys -> [2004/11/15 20:41:54 | 00,036,804 | ---- | M] (Alcor Micro Corp.)
    (ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ZDPSp50.sys -> [2004/10/25 13:40:58 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))
    (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2004/08/04 15:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
    (amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2004/08/04 09:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
    (sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2004/08/04 09:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation)
    (nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/04 01:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation)
    (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWBS2.sys -> [2004/06/17 18:56:22 | 00,220,032 | ---- | M] (Conexant Systems, Inc.)
    (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2004/06/17 18:55:38 | 00,685,056 | ---- | M] (Conexant Systems, Inc.)
    (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DP.sys -> [2004/06/17 18:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.)
    (BrSerIf) Brother MFC Serial Port Interface WDM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrSerIf.sys -> [2004/06/12 01:27:18 | 00,051,712 | ---- | M] (Brother Industries Ltd.)
    (RTL8023xp) Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\Rtlnicxp.sys -> [2004/04/14 00:14:12 | 00,070,144 | ---- | M] (Realtek Semiconductor Corporation )
    (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2004/03/17 15:04:14 | 00,013,059 | ---- | M] (Conexant)
    (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrUsbSer.sys -> [2004/01/10 00:28:18 | 00,011,648 | ---- | M] (Brother Industries Ltd.)
    (BrScnUsb) Brother USB Still Image driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\BrScnUsb.sys -> [2003/12/19 17:15:50 | 00,015,263 | ---- | M] (Brother Industries Ltd.)
    (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wanatw4.sys -> [2003/01/10 17:13:04 | 00,033,588 | ---- | M] (America Online, Inc.)
    (Sparrow) Sparrow [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/18 00:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
    (sym_u3) sym_u3 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/18 00:07:42 | 00,030,688 | ---- | M] (LSI Logic)
    (sym_hi) sym_hi [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/18 00:07:40 | 00,028,384 | ---- | M] (LSI Logic)
    (symc8xx) symc8xx [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/18 00:07:36 | 00,032,640 | ---- | M] (LSI Logic)
    (symc810) symc810 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/18 00:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
    (ultra) ultra [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 23:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
    (ql12160) ql12160 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 23:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
    (ql1080) ql1080 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 23:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
    (ql1280) ql1280 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 23:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
    (dac2w2k) dac2w2k [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 23:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
    (mraid35x) mraid35x [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 23:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
    (asc) asc [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 23:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
    (asc3550) asc3550 [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 23:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
    (AliIde) AliIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 23:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
    (CmdIde) CmdIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 23:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
    (mxnic) Macronix MX987xx Family Fast Ethernet NT Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mxnic.sys -> [2001/08/17 16:49:32 | 00,019,968 | ---- | M] (Macronix International Co., Ltd. )

    [Modules - Safe List]
    ots.exe -> C:\Documents and Settings\Owner\Desktop\OTS.exe -> [2009/10/30 17:45:50 | 00,523,264 | ---- | M] (OldTimer Tools)
    comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -> [2006/08/25 11:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation)
    framedyn.dll -> C:\WINDOWS\system32\wbem\framedyn.dll -> [2004/08/04 15:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation)
    srclient.dll -> C:\WINDOWS\system32\srclient.dll -> [2004/08/04 15:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation)

    [Registry - Safe List]
    < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] ->
    HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
    HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
    HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
    HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
    HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
    HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
    HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms} sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
    HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.aol.com/ ->
    HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search? =%s ->
    HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
    < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
    < FireFox Extensions [User Folders] > ->
    < HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
    Reset Hosts
    127.0.0.1 localhost
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar Helper] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [Google Toolbar Notifier BHO] -> [2009/10/27 16:41:37 | 00,761,840 | ---- | M] (Google Inc.)
    {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [Google Dictionary Compression sdch] -> [2009/10/27 09:06:13 | 00,458,736 | ---- | M] (Google Inc.)
    < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
    "{327C2873-E90D-4c37-AA9D-10AC9BABA46C}" [HKLM] -> C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [2004/08/26 11:27:32 | 00,405,504 | ---- | M] ()
    "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/11/04 19:29:58 | 00,399,352 | ---- | M] (Yahoo! Inc.)
    < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    ShellBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
    WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Toolbar] -> [2009/10/27 09:06:19 | 00,256,112 | ---- | M] (Google Inc.)
    WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    WebBrowser\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
    WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2005/11/04 19:29:58 | 00,399,352 | ---- | M] (Yahoo! Inc.)
    < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "ATIPTA" -> C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] -> [2005/03/17 21:05:00 | 00,339,968 | ---- | M] (ATI Technologies, Inc.)
    "QuickTime Task" -> C:\Program Files\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2005/09/07 04:14:17 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
    < RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
    "*Restore" -> C:\WINDOWS\System32\restore\rstrui.exe [C:\WINDOWS\system32\restore\rstrui.exe -c] -> [2004/08/04 15:00:00 | 00,380,416 | ---- | M] (Microsoft Corporation)
    < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    "SUPERAntiSpyware" -> J:\SUPERAntiSpyware.exe [J:\SUPERAntiSpyware.exe] -> File not found
    "swg" -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] -> [2007/07/19 11:44:37 | 00,068,856 | ---- | M] (Google Inc.)
    < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Belkin Wireless USB Utility.lnk -> C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe -> [2005/10/28 11:23:10 | 01,404,928 | ---- | M] (Belkin)
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG111v3\WG111v3.exe -> [2008/07/01 10:34:48 | 02,326,528 | ---- | M] ()
    < Owner Startup Folder > -> C:\Documents and Settings\Owner\Start Menu\Programs\Startup ->
    < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main
    \Main\\"DisableFirstRunCustomize" -> [1] -> File not found
    < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    \\"HonorAutoRunSetting" -> [1] -> File not found
    \\"NoSetActiveDesktop" -> [0] -> File not found
    \\"NoActiveDesktopChanges" -> [0] -> File not found
    \\"NoFolderOptions" -> [0] -> File not found
    \\"NoRun" -> [0] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    \\"dontdisplaylastusername" -> [0] -> File not found
    \\"legalnoticecaption" -> [] -> File not found
    \\"legalnoticetext" -> [] -> File not found
    \\"shutdownwithoutlogon" -> [1] -> File not found
    \\"undockwithoutlogon" -> [1] -> File not found
    \\"DisableTaskMgr" -> [0] -> File not found
    \\"DisableRegistryTools" -> [0] -> File not found
    \\"DisableCMD" -> [0] -> File not found
    < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    \\"NoDriveTypeAutoRun" -> [145] -> File not found
    \\"NoFolderOptions" -> [0] -> File not found
    \\"NoSetActiveDesktop" -> [0] -> File not found
    \\"NoActiveDesktopChanges" -> [0] -> File not found
    \\"NoRun" -> [0] -> File not found
    < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    \\"DisableRegistryTools" -> [0] -> File not found
    \\"DisableTaskMgr" -> [0] -> File not found
    \\"DisableCMD" -> [0] -> File not found
    < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2005/08/17 09:40:28 | 00,181,752 | ---- | M] (Yahoo!)
    {e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2006/10/10 08:44:50 | 00,557,568 | ---- | M] (Microsoft Corporation)
    {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Button: Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
    {FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
    < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
    CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2005/08/17 09:40:28 | 00,181,752 | ---- | M] (Yahoo!)
    CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> C:\Program Files\Messenger\msmsgs.exe [Messenger] -> [2004/10/13 12:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation)
    < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
    PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
    PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
    < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    "" -> http://
    < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
    < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab [Windows Live Safety Center Base Module] ->
    {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key error.] ->
    {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} [HKLM] -> http://www.superadblocker.com/activex/sabspx.cab [SABScanProcesses Class] ->
    {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
    DhcpNameServer -> 10.0.0.1 ->
    < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
     

Short URL to this thread: https://techguy.org/873120
