Re: Do you trust the uninstaller?

CalamityJane Premium,VIP,MVM join:2002-08-27 Eustis, FL	reply to smileatus Re: aproposfix smileatus, that's what you had. Fixed now This line: "ServerAddress"="adchannel.contextplus.net" And this line (random named folder in Program files): C:\\Program Files\\Qui star Clear signs of the Apropos Adware with Rootkit that this fix was designed for. Your log looks good and you should be ok now. Ya'll can thank Swandog46 for this fix - he wrote it -- It takes a disaster to make a woman out of a female Microsoft MVP/Windows Security 2003-2006 Proud Member of ASAP (Alliance of Security Analysis Professionals)
	to forum · permalink · · 2006-01-07 22:51:03 · (locked)
smileatus @Dial1.Atl	reply to h00ch Worked great! I tried two other fixes I found on other forums: Making sure the Plug and Play service was running; and setting the permissions for the Enum registry entry, but neither got my Device Manager back. However aproposfix did the trick. Here is the log: Log of AproposFix v1 ********** Running from directory: C:\_Rick\Fix\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\C7XXtAGsMVn5] @="wNT2s\\2abbabbcb6INROXYabbaqdb6w\\\\3bSYSTEMhgbDRIVERSbKBDREAMScSYS" "Device"="\\\\.\\Winroxy" "DriverPath"="C:\\WINNT\\system32\\drivers\\kbdreams.sys" "DriverName"="IntSENS" "HideUninstallerName"="C:\\Program Files\\Qui star\\rex00133.exe" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.GH2" "InstallationId"="{Xc932d82-081e-1297-1588-6e2ed72e8e3d}" "PageFiltering"=dword:00000002 "ClientName"="C:\\Program Files\\Qui star\\gpttpqfe.exe" "AutoUpdater"="C:\\WINNT\\system32\\ddmernat.exe" "Version"="2.0.128" "CrMnTmt"=dword:0036ee80 ********** Removing hidden service: Service IntSENS removed. Removing hidden folder: Deleting files: Deletion of file C:\WINNT\system32\drivers\kbdreams.sys succeeded! Deletion of file C:\WINNT\system32\ddmernat.exe succeeded! Backing up files: Done! Removing registry entries: REGEDIT4 [-HKEY_CURRENT_USER\Software\C7XXtAGsMVn5] [-HKEY_LOCAL_MACHINE\Software\C7XXtAGsMVn5] Done! Finished!
	to forum · permalink · 2006-01-07 22:05:33 · (locked)
compu_fan join:2005-12-20 Tampa, FL 1 edit	reply to MeJon CalamityJane Thanks a ton CalamityJane for the wonderful aproposfix it worked ...so happy.Great job keep it up.
	to forum · permalink · · 2005-12-20 10:29:30 · (locked)
h00ch @cgocable.net	reply to youareallgods Re: aproposfix I tried this, but there were no entries in the log. I still cannot see anything in the Device Manager or Network Connecgtions dialog. Can someone suggest something else to try? I've been searching the web trying everything I find, but even this does not work!
	to forum · permalink · 2005-12-17 13:22:21 · (locked)
youareallgods @awcable.com	reply to Gerdybug Thank you sooooo much. This fixed the blank device manager, no network connections, hoards of pop-ups popping up, annoying taskbar toolbars, my system32 folder being hidden no matter what, my windowblinds settings being lost every time I restart, and countless other. You are gods. .:LOG:. Log of AproposFix v1 ********** Running from directory: C:\Documents and Settings\Sean\Desktop\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\CoVWmABEYf83] @="kRCzmnnWXXWXXYXzmsox0wWXXWmZX2sxny2.XOUOPAIdcX9NERANOX9NIQO79YOUO" "Device"="\\\\.\\PCIENUM" "DriverPath"="C:\\WINDOWS\\system32\\drivers\\drmusbd.sys" "DriverName"="AvgPCDD" "HideUninstallerName"="C:\\Program Files\\Liminrar\\wmsctrac.exe" "HDll"="C:\\WINDOWS\\system32\\srsdw400.dll" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.LAV" "InstallationId"="{Xceb6e3b-ec8a-58ac-5fea-24326c194983}" "PageFiltering"=dword:00000001 "CrMnTmt"=dword:0036ee80 "ClientName"="C:\\Program Files\\Liminrar\\opelhtml.exe" "AutoUpdater"="C:\\WINDOWS\\system32\\jgscfgnt.exe" "Version"="2.0.128" ********** Removing hidden service: Service AvgPCDD removed. Removing hidden folder: Deletion of folder Liminrar succeeded! Deleting files: Deletion of file C:\WINDOWS\system32\drivers\drmusbd.sys succeeded! Deletion of file C:\WINDOWS\system32\jgscfgnt.exe succeeded! Deletion of file C:\WINDOWS\system32\srsdw400.dll succeeded! Backing up files: Done! Removing registry entries: REGEDIT4 [-HKEY_CURRENT_USER\Software\CoVWmABEYf83] [-HKEY_LOCAL_MACHINE\Software\CoVWmABEYf83] Done! Finished! And again thank you all soooooo much.
	to forum · permalink · 2005-12-07 01:53:43 · (locked)
Gerdybug @client.bresna	reply to CalamityJane THANKS!!!! Seem to fix Mine... Here is log! Log of AproposFix v1 ********** Running from directory: C:\Documents and Settings\Dad\Desktop\Fix\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\CvXg3A2rgj35] @="iZiB065IJJIJJKJ05Bs40IJJIYLJsejZksoJAGAB 4POJz90D 9AJ4\\.7y78KAGA" "Device"="\\\\.\\intWmi" "DriverPath"="C:\\WINDOWS\\system32\\drivers\\mfgpcpq.sys" "DriverName"="MDMtion" "HideUninstallerName"="C:\\Program Files\\Ado labs\\dsielnet.exe" "UninstallerPath"="C:\\WINDOWS\\system32\\typprbda.exe" "UninstallerRegKey"="HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{7F057F8C-A2D1-437D-B991-88B72401B16D}" "UninstallerParams"="/CTUN" "HDll"="C:\\WINDOWS\\system32\\gdiigtab.dll" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.IST2" "InstallationId"="{X215fc60-83ef-3b13-e7cc-225b721a6f76}" "PageFiltering"=dword:00000001 "CrMnTmt"=dword:0036ee80 ********** Removing hidden service: Service MDMtion removed. Removing hidden folder: Deleting files: Deletion of file C:\WINDOWS\system32\drivers\mfgpcpq.sys succeeded! Deletion of file C:\WINDOWS\system32\mripdmoe.exe succeeded! Deletion of file C:\WINDOWS\system32\gdiigtab.dll succeeded! Deletion of file C:\WINDOWS\system32\typprbda.exe succeeded! Backing up files: Done! Removing registry entries: REGEDIT4 [-HKEY_CURRENT_USER\Software\CvXg3A2rgj35] [-HKEY_LOCAL_MACHINE\Software\CvXg3A2rgj35] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F057F8C-A2D1-437D-B991-88B72401B16D}] Done! Finished!
	to forum · permalink · 2005-12-02 16:17:25 · (locked)
CalamityJane Premium,VIP,MVM join:2002-08-27 Eustis, FL	reply to MeJon Re: Do you trust the uninstaller? said by MeJon : Thanks for the link to aproposfix.exe. It worked perfectly! You saved the day. Glad to hear it! We can all thank Swandog46 from SpywareInfo (and other forums) for developing that tool -- It takes a disaster to make a woman out of a female Microsoft MVP/Windows Security 2003-2006 Proud Member of ASAP (Alliance of Security Analysis Professionals)
	to forum · permalink · · 2005-11-03 18:33:02 · (locked)
MeJon @reachone.net	reply to CalamityJane Thanks for the link to aproposfix.exe. It worked perfectly! You saved the day.
	to forum · permalink · 2005-11-03 11:39:59 · (locked)


Sunday, 29-Nov 04:33:41	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF