Re: Do you trust the uninstaller?

BarneyBadAss Badasses Fight For Freedom Premium join:2004-05-07 00001	reply to grateful guest Re: Do you trust the uninstaller? The real question is how do you know you are infected in the 1st place? -- ---Barney
	to forum · permalink · · 2005-11-26 17:55:10 · (locked)
grateful guest @rr.com	reply to Ktulu07 thank you so much, i have been trying to fix this problem the entire day.... the world could definitely use more people like you Log of AproposFix v1 ********** Running from directory: C:\Documents and Settings\Josh\Desktop\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\CpPiEAH8dl9D] @="5xz8GLKghhghhih2UaZ2MXghhgwjhC.3x4C8hYeYZKSnmhJXObKXYhGMVJGYaViYeY" "Device"="\\\\.\\MoutMgr" "DriverPath"="C:\\WINDOWS\\system32\\drivers\\agpdasup.sys" "DriverName"="PDFSafe" "HideUninstallerName"="C:\\Program Files\\Halreal\\iyusrv32.exe" "UninstallerPath"="C:\\WINDOWS\\system32\\nbtntvwr.exe" "UninstallerRegKey"="HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{238E64E5-5F97-4A0C-9CD4-32997B9FA557}" "UninstallerParams"="/CTUN" "HDll"="C:\\WINDOWS\\system32\\paumsnap.dll" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.IST2" "InstallationId"="{X93c43e1-85af-5cca-f475-8ceb4c34f7ad}" "PageFiltering"=dword:00000001 "ClientName"="C:\\Program Files\\Halreal\\cnvinfax.exe" ********** Removing hidden service: Service PDFSafe removed. Removing hidden folder:
	to forum · permalink · 2005-11-25 20:38:39 · (locked)
Ktulu07	reply to vamps Worked like a charm. Thanks very much Log of AproposFix v1 ********** Running from directory: C:\Documents and Settings\Administrator.THEONENESS\Desktop\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\CyXR7AB3KUE5] "Device"="\\\\.\\bastsvc" "DriverPath"="C:\\WINDOWS\\system32\\drivers\\nik1btxx.sys" "DriverName"="PDFSDDD" "UninstallerPath"="C:\\WINDOWS\\system32\\ahqtheme.exe" "HDll"="C:\\WINDOWS\\system32\\typuname.dll" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.ANT2" "InstallationId"="{X5ccc894-532d-7dbd-03c6-b7d897a23f14}" "PageFiltering"=dword:00000001 "ClientName"="C:\\Program Files\\Lognikon\\finbatt.exe" "AutoUpdater"="C:\\WINDOWS\\system32\\wiadimap.exe" "Version"="2.0.128" "HideUninstallerName"="C:\\Program Files\\Lognikon\\jdbupnp.exe" "LastAURestoreMsgTS"="2005:11:18-13:48:18:109" -- [HKEY_LOCAL_MACHINE\Software\Aprps] [HKEY_LOCAL_MACHINE\Software\Aprps\Client] "PartnerId"="WB.VER2" ********** Removing hidden service: Service PDFSDDD removed. Removing hidden folder: Deletion of folder Lognikon succeeded! Deleting files: Deletion of file C:\WINDOWS\system32\drivers\nik1btxx.sys succeeded! Deletion of file C:\WINDOWS\system32\wiadimap.exe succeeded! Deletion of file C:\WINDOWS\system32\typuname.dll succeeded! Deletion of file C:\WINDOWS\system32\ahqtheme.exe succeeded! Backing up files: Done! Removing registry entries: REGEDIT4 [-HKEY_CURRENT_USER\Software\CyXR7AB3KUE5] [-HKEY_CURRENT_USER\Software\Aprps] [-HKEY_LOCAL_MACHINE\Software\CyXR7AB3KUE5] [-HKEY_LOCAL_MACHINE\Software\Aprps] Done! Finished!
	to forum · permalink · 2005-11-25 18:37:12 · (locked)
vamps @as9105.c	reply to CalamityJane All I can say is massive thanks...worked a treat. Log of AproposFix v1 ********** Running from directory: C:\Documents and Settings\James\Desktop\aproposfix ******** Registry entries found: [HKEY_LOCAL_MACHINE\Software\CqXloAxofS65] @="ZWSKZKThiihiiji38eaPnVhiihxkiD:4y5D9iZfZaLToniKYPcLYZiUaMaWVYajZfZ" "Device"="\\\\.\\MRxti2o" "DriverPath"="C:\\WINDOWS\\system32\\drivers\\ntftport.sys" "DriverName"="spldsdm" "HideUninstallerName"="C:\\Program Files\\Hipnero\\irmstcln.exe" "UninstallerPath"="C:\\WINDOWS\\system32\\shadivx.exe" "UninstallerRegKey"="HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{46C70C10-D287-4E45-A8B9-0CF3A8D7B719}" "UninstallerParams"="/CTUN" "HDll"="C:\\WINDOWS\\system32\\qapbdlv1.dll" "ServerAddress"="adchannel.contextplus.net" "LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html" "PartnerId"="CP.IST2" "InstallationId"="{Xbbc7a89-27dd-04bb-000a-1f4b14ec79f1}" "PageFiltering"=dword:00000002 "CrMnTmt"=dword:0036ee80 ********** Removing hidden service: Service spldsdm removed. Removing hidden folder: Deletion of folder Hipnero succeeded! Deleting files: Deletion of file C:\WINDOWS\system32\drivers\ntftport.sys succeeded! Deletion of file C:\WINDOWS\system32\conmshta.exe succeeded! Deletion of file C:\WINDOWS\system32\qapbdlv1.dll succeeded! Deletion of file C:\WINDOWS\system32\shadivx.exe succeeded! Backing up files: Done! Removing registry entries: REGEDIT4 [-HKEY_CURRENT_USER\Software\CqXloAxofS65] [-HKEY_LOCAL_MACHINE\Software\CqXloAxofS65] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46C70C10-D287-4E45-A8B9-0CF3A8D7B719}] Done! Finished!
	to forum · permalink · 2005-11-25 04:47:09 · (locked)


Tuesday, 01-Dec 02:05:46	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. republican-creole page compression OFF