Ei toimi Mozilla (3.0.1) muilla tietokoneeni käyttäjillä -DSS-logi

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by Hanger, Aug 4, 2008.

Thread Status:
Not open for further replies.
  1. Hanger

    Hanger Member

    Joined:
    May 22, 2004
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    16
    Vaimon puolella ei Mozilla Firefox 3.0.1 avaudu ollenkaan (joutuu käyttämään sen vuoksi Exploreria). Jotakin on pielessä, kun valittaa etten ole muka "Järjestelmävalvoja". Minun puoleni toimii taas "Järjestelmävalvojana", vaikkei se ole nimeltään "Järjestelmävalvoja" (Firefox toimii kyllä minulla)!!


    DSS-logi (HUOM! Otettu kun Comodo Firewall & Avast! Home Edition ovat olleet pois päältä):

    Deckard's System Scanner v20071014.68
    Run by Mikko on 2008-08-04 14:45:19
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Total Physical Memory: 1022 MiB (1024 MiB recommended).


    -- HijackThis (run as Mikko.exe) -----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:45:52, on 4.8.2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Windows Live\Perheturva\fssui.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Users\Mikko\Program Files\DNA\btdna.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\Mikko\Desktop\dss.exe
    C:\HJT\Mikko.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Perheturva\fssbho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Perheturva\fssui.exe" -autorun
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Mikko\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {0DCFA2BF-94AD-45A9-8938-AF014F381C9F} (F-Secure Health Check 1.0) - http://support.f-secure.com/beta/hctp/fscax.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {49E71DB9-E803-43BA-AF81-1CAF61A6C4CB} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols/beta/fscax.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
    O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - http://www.nanoscan.com/cabs/nanoinst.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://www.virustorjunta.net/modules/Online_Scanner/fscax.cab
    O16 - DPF: {A4069847-C342-48E2-9257-01A24E5C78EA} (F-Secure Online Scanner 3.2) - http://support.f-secure.com/ols3beta/fscax.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {CDA71007-85DF-4E3C-8DE8-C2C31705504A} - http://support.f-secure.com/ols/beta/olslauncher.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\Windows\system32\guard32.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe

    --
    End of file - 10152 bytes

    -- Files created between 2008-07-04 and 2008-08-04 -----------------------------

    2008-08-03 17:04:13 0 d-------- C:\Program Files\Norman
    2008-08-03 13:42:31 0 d-------- C:\Program Files\Skype
    2008-08-03 13:42:31 0 d-------- C:\Program Files\Common Files\Skype
    2008-08-03 13:42:25 0 d-------- C:\Users\All Users\Skype
    2008-08-02 10:50:21 0 d-------- C:\Users\All Users\Avg8
    2008-08-01 10:58:50 0 d-------- C:\Users\Mikko\Program Files
    2008-07-31 19:42:47 0 d-------- C:\Program Files\DNA
    2008-07-31 19:42:45 0 d-------- C:\Program Files\BitTorrent
    2008-07-31 19:01:24 0 d-------- C:\msorb3
    2008-07-31 17:12:30 0 d--h----- C:\$AVG8.VAULT$
    2008-07-07 19:20:31 0 d-------- C:\Program Files\Alwil Software
    2008-07-05 13:56:07 0 d-------- C:\Program Files\AVG


    -- Find3M Report ---------------------------------------------------------------

    2008-08-04 14:46:54 0 d-------- C:\Users\Mikko\AppData\Roaming\DNA
    2008-08-04 14:43:42 0 d-------- C:\Users\Mikko\AppData\Roaming\Skype
    2008-08-04 10:39:11 0 d-------- C:\Users\Mikko\AppData\Roaming\skypePM
    2008-08-03 16:26:03 0 d-------- C:\Users\Mikko\AppData\Roaming\BitTorrent
    2008-08-03 13:42:31 0 d-------- C:\Program Files\Common Files
    2008-08-02 18:28:59 0 d-------- C:\Program Files\Norton Security Scan
    2008-08-02 17:00:44 0 d-------- C:\Users\Mikko\AppData\Roaming\OpenOffice.org2
    2008-08-02 15:38:41 0 d-------- C:\Program Files\SpywareBlaster
    2008-08-01 16:24:23 0 d-------- C:\Users\Mikko\AppData\Roaming\ZoomBrowser EX
    2008-08-01 11:30:19 440914 --a------ C:\Windows\system32\perfh00B.dat
    2008-08-01 11:30:19 83252 --a------ C:\Windows\system32\perfc00B.dat
    2008-08-01 11:20:22 0 d-------- C:\Program Files\a-squared Free
    2008-08-01 11:12:32 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-07-30 20:14:14 0 d-------- C:\Users\Mikko\AppData\Roaming\Mozilla
    2008-07-28 19:40:48 0 d-------- C:\Program Files\Mozilla Thunderbird
    2008-07-28 10:06:02 0 d-------- C:\Program Files\SUPERAntiSpyware
    2008-07-28 10:06:00 0 d-------- C:\Users\Mikko\AppData\Roaming\SUPERAntiSpyware.com
    2008-07-28 10:05:33 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-07-13 17:24:28 0 d-------- C:\Program Files\Java
    2008-07-09 15:00:46 0 d-------- C:\Program Files\Windows Mail
    2008-06-30 15:43:09 0 d-------- C:\Program Files\Yahoo!
    2008-06-18 21:51:51 174 --ahs---- C:\Program Files\desktop.ini
    2008-06-18 20:24:17 0 d-------- C:\Program Files\Windows Calendar
    2008-06-18 20:24:16 0 d-------- C:\Program Files\Movie Maker
    2008-06-18 20:24:09 0 d-------- C:\Program Files\Windows Sidebar
    2008-06-18 20:24:04 0 d-------- C:\Program Files\Windows Collaboration
    2008-06-18 20:24:01 0 d-------- C:\Program Files\Windows Journal
    2008-06-18 20:23:59 0 d-------- C:\Program Files\Windows Photo Gallery
    2008-06-18 20:23:40 0 d-------- C:\Program Files\Windows Defender
    2008-06-18 19:15:21 152576 --a------ C:\Windows\system32\SPWizUI.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® -käyttöjärjestelmä>
    2008-06-05 13:32:26 0 d-------- C:\Users\Mikko\AppData\Roaming\Comodo
    2008-06-05 13:32:17 0 d-------- C:\Program Files\COMODO


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    17.12.2007 11:12 56360 --a------ C:\Program Files\Windows Live\Perheturva\fssbho.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [23.03.2007 20:04 C:\Windows\RtHDVCpl.exe]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [26.02.2007 20:46]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [04.11.2007 12:22]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [18.06.2007 16:10]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10.06.2008 04:27]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 23:16]
    "MSConfig"="C:\Windows\system32\msconfig.exe" [18.01.2008 23:33]
    "fssui"="C:\Program Files\Windows Live\Perheturva\fssui.exe" [17.12.2007 11:12]
    "COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [05.06.2008 13:32]
    "Skytel"="Skytel.exe" [16.03.2007 16:06 C:\Windows\SkyTel.exe]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [12.09.2007 06:28]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12.09.2007 06:28]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [12.09.2007 06:28]
    "Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [30.07.2008 20:07]
    "avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [19.07.2008 17:38]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [18.01.2008 23:33]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [07.07.2008 09:42]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [28.05.2008 10:33]
    "BitTorrent DNA"="C:\Users\Mikko\Program Files\DNA\btdna.exe" [01.08.2008 10:58]
    "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [23.07.2008 14:11]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [18.11.2007 18:29:35]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"=2 (0x2)
    "EnableUIADesktopToggle"=0 (0x0)
    "DisableRegistryTools"=0 (0x0)
    "HideLegacyLogonScripts"=0 (0x0)
    "HideLogoffScripts"=0 (0x0)
    "RunLogonScriptSync"=1 (0x1)
    "RunStartupScriptSync"=0 (0x0)
    "HideStartupScripts"=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "LogonHoursAction"=2 (0x2)
    "DontDisplayLogonHoursWarnings"=1 (0x1)
    "HideLegacyLogonScripts"=0 (0x0)
    "HideLogoffScripts"=0 (0x0)
    "RunLogonScriptSync"=1 (0x1)
    "RunStartupScriptSync"=0 (0x0)
    "HideStartupScripts"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [13.05.2008 10:13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19.04.2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\Windows\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @="IEEE 1394 Bus host controllers"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @="SBP2 IEEE 1394 Devices"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @="SecurityDevices"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
    LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



    -- End of Deckard's System Scanner: finished at 2008-08-04 14:49:05 ------------
     
    Last edited: Aug 4, 2008
    Hanger, Aug 4, 2008
    #1
Thread Status:
Not open for further replies.

Share This Page