VirusRemover2008!!!!!


george4321
08-11-08, 00:56
I have this VirusRemover2008 thingie that's a virus. I'm not sure how to get rid of it.

---------------------------------------------------------------
AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR
---------------------------------------------------------------



Program:
N/A
Publisher:
"(Verified) Lavasoft AB"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
Entry name:
lsdelete
Program path & name:
"c:\windows\system32\lsdelete.exe"
Enabled: [V]


Program:
"Ad-Aware service"
Publisher:
"(Verified) Lavasoft AB"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
aawservice
Program path & name:
"c:\program files\lavasoft\ad-aware\aawservice.exe"
Enabled: [V]


Program:
"Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour
Publisher:
any network service that explicitly depends on it will fail to start."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Bonjour Service
Program path & name:
"(Verified) Apple Inc.""c:\program files\bonjour\mdnsresponder.exe"
Enabled: [V]


Program:
"Virus Definition Daemon"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
DefWatch
Program path & name:
"c:\program files\symantec_client_security\symantec antivirus\defwatch.exe"
Enabled: [V]


Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
"Collects log data from the IJ printer and manages data transmission."
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
IJPLMSVC
Program path & name:
c:\program files\canon\ijplm\ijplmsvc.exe"
Enabled: [V]


Program:
"Symantec AntiVirus"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Norton AntiVirus Server
Program path & name:
"c:\program files\symantec_client_security\symantec antivirus\rtvscan.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
EagleNT
Program path & name:
File not found: C:\WINDOWS\system32\drivers\EagleNT.sys"
Enabled: [V]


Program:
"Symantec Eraser Control Driver"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
eeCtrl
Program path & name:
"c:\program files\common files\symantec shared\eengine\eectrl.sys"
Enabled: [V]


Program:
"AutoProtect"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVAP
Program path & name:
"c:\program files\symantec_client_security\symantec antivirus\navap.sys"
Enabled: [V]


Program:
"NAVAPEL"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVAPEL
Program path & name:
"c:\program files\symantec_client_security\symantec antivirus\navapel.sys"
Enabled: [V]


Program:
"AV Engine"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVENG
Program path & name:
"c:\program files\common files\symantec shared\virusdefs\20081107.008\naveng.sys"
Enabled: [V]


Program:
"AV Engine"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NAVEX15
Program path & name:
"c:\program files\common files\symantec shared\virusdefs\20081107.008\navex15.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
npkcrypt
Program path & name:
File not found: C:\Nexon\MapleStory\npkcrypt.sys"
Enabled: [V]


Program:
"Px Engine Device Driver for Windows 2000/XP"
Publisher:
"(Verified) Sonic Solutions"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PxHelp20
Program path & name:
"c:\windows\system32\drivers\pxhelp20.sys"
Enabled: [V]


Program:
"USB PC Camera driver"
Publisher:
"(Not verified) Sonix Co. Ltd."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SNP325
Program path & name:
"c:\windows\system32\drivers\snp325.sys"
Enabled: [V]


Program:
"Symantec Event Library"
Publisher:
"(Verified) Symantec Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SymEvent
Program path & name:
"c:\program files\symantec\symevent.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WINIO
Program path & name:
File not found: C:\Program Files\Speed Gear\winio.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
XDva136
Program path & name:
File not found: C:\WINDOWS\system32\XDva136.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
c00E87C6
Program path & name:
c:\windows\system32\c00e87c6.mat"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
hgGyaXrq
Program path & name:
c:\windows\system32\hggyaxrq.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
NavLogon
Program path & name:
c:\windows\system32\navlogon.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
sys32
Program path & name:
File not found: sys32.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
Entry name:
C:\WINDOWS\system32\mlJdEWPf
Program path & name:
c:\windows\system32\mljdewpf.dll"
Enabled: [V]


Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]


Program:
"Symantec AntiVirus"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
vptray
Program path & name:
"c:\program files\symantec_client_security\symantec antivirus\vptray.exe"
Enabled: [V]


Program:
"Google Desktop"
Publisher:
"(Verified) Google Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Desktop Search
Program path & name:
"c:\program files\google\google desktop search\googledesktop.exe"
Enabled: [V]


Program:
"Google Talk"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
googletalk
Program path & name:
"c:\program files\google\google talk\googletalk.exe"
Enabled: [V]


Program:
"Adobe Acrobat SpeedLauncher"
Publisher:
"(Verified) Adobe Systems Incorporated"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Adobe Reader Speed Launcher
Program path & name:
"c:\program files\adobe\reader 8.0\reader\reader_sl.exe"
Enabled: [V]


Program:
"CNSLMAIN"
Publisher:
"(Verified) Canon Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
CanonSolutionMenu
Program path & name:
"c:\program files\canon\solutionmenu\cnslmain.exe"
Enabled: [V]


Program:
"Canon My Printer"
Publisher:
"(Verified) Canon Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
CanonMyPrinter
Program path & name:
"c:\program files\canon\myprinter\bjmyprt.exe"
Enabled: [V]


Program:
"SSBkgdUpdate"
Publisher:
"(Verified) Nuance Communications Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
SSBkgdUpdate
Program path & name:
"c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe"
Enabled: [V]


Program:
"OCR Aware"
Publisher:
"(Verified) Nuance Communications Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
OpwareSE4
Program path & name:
"c:\program files\scansoft\omnipagese4\opwarese4.exe"
Enabled: [V]


Program:
"NsWrtMon Microsoft Base Class Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
WrtMon.exe
Program path & name:
c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe"
Enabled: [V]


Program:
"CameraFixer MFC Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
FixCamera
Program path & name:
c:\windows\fixcamera.exe"
Enabled: [V]


Program:
"tsnp2std Microsoft "
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
tsnp325
Program path & name:
c:\windows\tsnp325.exe"
Enabled: [V]


Program:
"CameraMonitor Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
snp325
Program path & name:
c:\windows\vsnp325.exe"
Enabled: [V]


Program:
"RealNetworks Scheduler"
Publisher:
"(Verified) RealNetworks Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
TkBellExe
Program path & name:
"c:\program files\common files\real\update_ob\realsched.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Bat Wave Base Dale
Program path & name:
c:\documents and settings\all users\application data\link axis bat wave\bike debug.exe"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/octet-stream
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-complus
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-msdownload
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
Entry name:
0
Program path & name:
File not found: About:Home"
Enabled: [V]


Program:
"Microsoft .NET IE SECURITY REGISTRATION"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
n/a
Program path & name:
"c:\windows\system32\mscories.dll"
Enabled: [V]


Program:
"Microsoft Office 2000 component"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Entry name:
Microsoft Office.lnk
Program path & name:
"c:\program files\microsoft office\office\osa9.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Entry name:
Lsass Service
Program path & name:
c:\documents and settings\akaash\application data\microsoft\windows\lsass.exe"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
swg
Program path & name:
"c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
Enabled: [V]


Program:
"RogersAgent.exe"
Publisher:
"(Not verified) Rogers Cable Communications"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
RogersAgent
Program path & name:
"c:\program files\rogers\selfhealing\rogersagent.exe"
Enabled: [V]


Program:
"Rogers Hi-Speed Internet Self Healing Software"
Publisher:
"(Verified) Rogers Cable Communications Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
SHS
Program path & name:
"c:\program files\rogers\selfhealing\shs.exe"
Enabled: [V]


Program:
"Rogers Hi-Speed Internet Update Manager "
Publisher:
"(Verified) Rogers Cable Communications Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Update Manager
Program path & name:
"c:\program files\rogers\update manager\updatemanager.exe"
Enabled: [V]


Program:
"D"
Publisher:
"(Not verified) E"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Debug Tool
Program path & name:
"c:\documents and settings\akaash\application data\bin setup software\new user.exe"
Enabled: [V]


Program:
"Registry Mechanic 8.0"
Publisher:
"(Verified) PC Tools"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
RegistryMechanic
Program path & name:
"c:\program files\registry mechanic\regmech.exe"
Enabled: [V]


Program:
"System settings protector"
Publisher:
"(Verified) Safer Networking Ltd."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
SpybotSD TeaTimer
Program path & name:
"c:\program files\spybot - search & destroy\teatimer.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
Task Scheduler
Entry name:
AE0AAFBA918925F2.job
Program path & name:
c:\documents and settings\akaash\application data\bin setup software\typehtmbind.exe"
Enabled: [V]


Program:
"SBSD IE Protection"
Publisher:
"(Verified) Safer Networking Ltd."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Spybot-S&D IE Protection
Program path & name:
"c:\program files\spybot - search & destroy\sdhelper.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
{5CECE63E-3E31-4DD8-977A-797A8DAE4536}
Program path & name:
c:\windows\system32\mljdewpf.dll"
Enabled: [V]


Program:
"Java(TM) Platform SE binary"
Publisher:
"(Verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
SSVHelper Class
Program path & name:
"c:\program files\java\jre1.6.0_07\bin\ssv.dll"
Enabled: [V]


Program:
"Google IE Client Toolbar"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Google Toolbar Helper
Program path & name:
"c:\program files\google\googletoolbar1.dll"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
Entry name:
hggyaxrq.dll
Program path & name:
c:\windows\system32\hggyaxrq.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Web Folders
Program path & name:
c:\program files\common files\microsoft shared\web folders\msonsext.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Display Panning CPL Extension
Program path & name:
File not found: deskpan.dll"
Enabled: [V]


Program:
"Symantec AntiVirus"
Publisher:
"(Not verified) Symantec Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
LDVP Shell Extensions
Program path & name:
"c:\program files\common files\symantec shared\ssc\vpshell2.dll"
Enabled: [V]


Program:
"Microsoft Outlook Shell Hook for Start/Find"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Microsoft Outlook Custom Icon Handler
Program path & name:
"c:\program files\microsoft office\office\olkfstub.dll"
Enabled: [V]


Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Fusion Cache
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]


Program:
"RealPlayer Shell Extensions"
Publisher:
"(Verified) RealNetworks Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Shell Extensions for RealOne Player
Program path & name:
"c:\program files\real\realplayer\rpshell.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
OpenOffice.org Column Handler
Program path & name:
"c:\program files\sun\staroffice 8\program\shlxthdl.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
OpenOffice.org Infotip Handler
Program path & name:
"c:\program files\sun\staroffice 8\program\shlxthdl.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
OpenOffice.org Property Sheet Handler
Program path & name:
"c:\program files\sun\staroffice 8\program\shlxthdl.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
OpenOffice.org Thumbnail Viewer
Program path & name:
"c:\program files\sun\staroffice 8\program\shlxthdl.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
WinRAR shell extension
Program path & name:
c:\program files\winrar\rarext.dll"
Enabled: [V]


Program:
N/A
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
Entry name:
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
Program path & name:
"c:\program files\sun\staroffice 8\program\shlxthdl.dll"
Enabled: [V]


Program:
"PDF Shell Extension"
Publisher:
"(Not verified) Adobe Systems Inc."
Entry path:
HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
Entry name:
PDF Shell Extension
Program path & name:
"c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
Enabled: [V]


Program:
"Google IE Client Toolbar"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
googletoolbar1.dll
Program path & name:
"c:\program files\google\googletoolbar1.dll"
Enabled: [V]

EscondeR
08-11-08, 08:13
1. Download Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)
2. Reboot your PC in Safe Mode.
3. Run Autoruns, wait till it finishes scanning and then kill those entries on the Everything tab (right click and select Delete):

Program:
"gusvc"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gusvc
Program path & name:
"c:\program files\google\common\google updater\googleupdaterservice.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
EagleNT
Program path & name:
File not found: C:\WINDOWS\system32\drivers\EagleNT.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
npkcrypt
Program path & name:
File not found: C:\Nexon\MapleStory\npkcrypt.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WINIO
Program path & name:
File not found: C:\Program Files\Speed Gear\winio.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
XDva136
Program path & name:
File not found: C:\WINDOWS\system32\XDva136.sys"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
c00E87C6
Program path & name:
c:\windows\system32\c00e87c6.mat"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
hgGyaXrq
Program path & name:
c:\windows\system32\hggyaxrq.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
NavLogon
Program path & name:
c:\windows\system32\navlogon.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
sys32
Program path & name:
File not found: sys32.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
Entry name:
C:\WINDOWS\system32\mlJdEWPf
Program path & name:
c:\windows\system32\mljdewpf.dll"
Enabled: [V]


Program:
"Google Desktop"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
Program path & name:
"c:\program files\google\google desktop search\googledesktopnetwork3.dll"
Enabled: [V]


Program:
"Google Desktop"
Publisher:
"(Verified) Google Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Desktop Search
Program path & name:
"c:\program files\google\google desktop search\googledesktop.exe"
Enabled: [V]


Program:
"Google Talk"
Publisher:
"(Not verified) Google"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
googletalk
Program path & name:
"c:\program files\google\google talk\googletalk.exe"
Enabled: [V]


Program:
"CameraFixer MFC Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
FixCamera
Program path & name:
c:\windows\fixcamera.exe"
Enabled: [V]


Program:
"tsnp2std Microsoft "
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
tsnp325
Program path & name:
c:\windows\tsnp325.exe"
Enabled: [V]


Program:
"CameraMonitor Application"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
snp325
Program path & name:
c:\windows\vsnp325.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Bat Wave Base Dale
Program path & name:
c:\documents and settings\all users\application data\link axis bat wave\bike debug.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Entry name:
Lsass Service
Program path & name:
c:\documents and settings\akaash\application data\microsoft\windows\lsass.exe"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
swg
Program path & name:
"c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
Enabled: [V]


Program:
"D"
Publisher:
"(Not verified) E"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Debug Tool
Program path & name:
"c:\documents and settings\akaash\application data\bin setup software\new user.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
Task Scheduler
Entry name:
AE0AAFBA918925F2.job
Program path & name:
c:\documents and settings\akaash\application data\bin setup software\typehtmbind.exe"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
{5CECE63E-3E31-4DD8-977A-797A8DAE4536}
Program path & name:
c:\windows\system32\mljdewpf.dll"
Enabled: [V]


Program:
"Google IE Client Toolbar"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Google Toolbar Helper
Program path & name:
"c:\program files\google\googletoolbar1.dll"
Enabled: [V]


Program:
"GoogleToolbarNotifier"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Google Toolbar Notifier BHO
Program path & name:
"c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll"
Enabled: [V]


Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
Entry name:
hggyaxrq.dll
Program path & name:
c:\windows\system32\hggyaxrq.dll"
Enabled: [V]


Program:
"Google IE Client Toolbar"
Publisher:
"(Verified) Google Inc"
Entry path:
HKLM\Software\Microsoft\Internet Explorer\Toolbar
Entry name:
googletoolbar1.dll
Program path & name:
"c:\program files\google\googletoolbar1.dll"
Enabled: [V]


And better get rid of Norton/Symantec crap and install some decent antivirus, e.g. Kaspersky or AVG.

Muhammad
08-11-08, 20:15
I'd also recommend NOD32 :)

EscondeR
08-11-08, 21:02
^ NOD32 is overprotective and annoying, hardly "convincable" by user and consumes too much resources IMO.