Username "Alex" - 10/20/2007 13:29:25 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check System was rebooted successfully. ~~~~~ Postrun check HKLM\SOFTWARE\~\Winlogon\ "system"="" .... .... ~~~~~ Misc files. .... ~~~~~ Checking for older varients. .... ~~~~~ Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe" "EzButton"="C:\\Program Files\\EzButton\\EzButton.EXE" "CeEPOWER"="C:\\Program Files\\TOSHIBA\\Power Management\\CePMTray.exe" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe" "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam10\\QuickCam10.exe\" /hide" "LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\LogiShrd\\LComMgr\\Communications_Helper.exe\"" "MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Taskbar Shuffle"="C:\\Program Files\\Taskbar Shuffle\\taskbarshuffle.exe" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\Wcescomm.exe\"" .... Hosts file was reset, If you use a custom hosts file please replace it... ~~~~~ End report ~~~~~

Results of Riyo Codec cleanup
Started by
MorgothsBalrog
, Oct 20 2007 01:14 PM
1 reply to this topic
#1
Posted 20 October 2007 - 01:14 PM
Register to Remove
#2
Posted 21 October 2007 - 02:31 PM
Howdy MorgothsBalrog,
Welcome to WTT. Bit of the cart before the horse here - let's start with some system information and then move forward from there.
If you don't already have it download and install HijackThis from here, run a scan and post back that log.
Also Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here. No need to use the "Code" function when posting the logs.
Welcome to WTT. Bit of the cart before the horse here - let's start with some system information and then move forward from there.
If you don't already have it download and install HijackThis from here, run a scan and post back that log.
Also Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here. No need to use the "Code" function when posting the logs.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users