running slow with tons of spyware NEED HELP [CLOSED]


  • This topic is locked

#1
svhall60

Deckard's System Scanner v20071014.68
Run by LH on 2008-01-28 07:28:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
89: 2008-01-28 12:29:11 UTC - RP499 - Deckard's System Scanner Restore Point
88: 2008-01-21 17:48:32 UTC - RP498 - System Checkpoint
87: 2008-01-19 15:43:34 UTC - RP497 - System Checkpoint
86: 2008-01-18 14:43:34 UTC - RP496 - System Checkpoint
85: 2008-01-17 13:43:35 UTC - RP495 - System Checkpoint


-- First Restore Point --
1: 2007-10-24 20:46:20 UTC - RP411 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 76% (more than 75%).
Total Physical Memory: 255 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-28 07:32:24
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\WINDOWS\SYSTEM32\$sys$filesystem\$sys$DRMServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\Program Files\Video Add-on\icthis.exe
C:\Program Files\Video Add-on\isfmntr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Video Add-on\icmntr.exe
C:\WINDOWS\SYSTEM32\ctfmon.exe
C:\Program Files\Video Add-on\isfmm.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\WINDOWS\SYSTEM32\msiexec.exe
C:\Program Files\Video Add-on\isfmm.exe
F:\Cleaning tools\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\NppBHO.dll
O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - C:\Program Files\Video Add-on\isfmdl.dll
O2 - BHO: {b4f89efb-1884-91ab-38b4-850812e94dd2} - {2dd49e21-8058-4b83-ba19-4881bfe98f4b} - C:\WINDOWS\system32\ispkcqlb.dll (file missing)
O2 - BHO: (no name) - {4583C29A-0573-4634-A597-0091F9011CC1} - C:\WINDOWS\system32\iypxdnlr.dll (file missing)
O2 - BHO: 0 - {54BEC793-1168-40AA-BCB3-35942D9D7455} - C:\Program Files\ComPlus Applications\vikixe171.dll (file missing)
O2 - BHO: (no name) - {6d8b4d4c-d670-4ef0-9c80-9d14780232fc} - C:\WINDOWS\system32\dmldit.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7B4880CD-8DA9-4976-AEAB-855D14B241ED} - C:\WINDOWS\inf\ilbidsk.dll (file missing)
O2 - BHO: DeskalertsBHO - {A3C4A35F-2E92-4539-8F7F-5A0117F914A3} - C:\Program Files\DeskAlerts\deskbar.dll (file missing)
O2 - BHO: (no name) - {C473B33C-E0CF-4F5F-B69B-429F92D15235} - C:\WINDOWS\system32\iypxdnlr.dll (file missing)
O2 - BHO: (no name) - {E7C6E6CA-279B-4FE8-9A31-6B7F1FE89BE5} - C:\WINDOWS\SYSTEM32\ssqpn.dll
O2 - BHO: (no name) - {E99FAB2B-3BB0-4A4F-EE54-37761E6003C9} - C:\WINDOWS\system32\bcdxkbd.dll (file missing)
O2 - BHO: (no name) - {EA9FAB29-3BC3-3F4B-EE2B-4F76626903CC} - C:\WINDOWS\system32\bcdxkbd.dll (file missing)
O2 - BHO: (no name) - {EC95A57E-6DCB-394D-E52B-4F76626902C2} - C:\WINDOWS\system32\ipf.dll (file missing)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8685CC} - C:\Program Files\Helper\1201009972.dll
O2 - BHO: (no name) - {F7AB9D71-FF48-4F95-A14F-FCFB685E0AA2} - C:\WINDOWS\system32\iypxdnlr.dll (file missing)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.7\UIBHO.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\Video Add-on\icthis.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Video Add-on\isfmntr.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: dmldit - C:\WINDOWS\system32\dmldit.dll (file missing)
O20 - Winlogon Notify: khfeecd - C:\WINDOWS\system32\khfeecd.dll (file missing)
O20 - Winlogon Notify: mnapqmtl - C:\WINDOWS\system32\mnapqmtl.dll (file missing)
O20 - Winlogon Notify: ssqpn - C:\WINDOWS\SYSTEM32\ssqpn.dll
O20 - Winlogon Notify: vturo - C:\WINDOWS\system32\vturo.dll (file missing)
O22 - SharedTaskScheduler: aposiopetic - {91316323-2ad5-4794-9589-52a2eaa60a68} - C:\WINDOWS\SYSTEM32\shlahsd.dll
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - First 4 Internet Ltd - C:\WINDOWS\SYSTEM32\$sys$filesystem\$sys$DRMServer.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\SYSTEM32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O24 - Desktop Component 0: - C:\Program Files\ComPlus Applications\zysoma.html

--
End of file - 7479 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 $sys$cor - c:\windows\system32\drivers\$sys$cor.sys <Not Verified; First 4 Internet; Essential System Tools>
R1 $sys$crater - c:\windows\system32\$sys$filesystem\crater.sys <Not Verified; First 4 Internet; Essential System Tools>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>

S3 o1394bul - c:\documents and settings\taylor\local settings\temp\o1394bul.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 $sys$DRMServer (Plug and Play Device Manager) - c:\windows\system32\$sys$filesystem\$sys$drmserver.exe <Not Verified; First 4 Internet Ltd; >
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 CD_Proxy (XCP CD Proxy) - c:\windows\cdproxyserv.exe <Not Verified; ; CdProxy Application>

S2 cmdService (Command Service) -
S2 DomainService -
S2 Network Monitor -


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-01-22 03:30:00 436 --a------ C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job
2008-01-17 16:57:26 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-12-28 and 2008-01-28 -----------------------------

2008-01-28 07:09:22 185686 ---hs---- C:\WINDOWS\system32\npqss.ini2
2008-01-28 07:01:18 0 dr-h----- C:\Documents and Settings\Linda Hall\Recent
2008-01-22 12:21:13 0 d-------- C:\Program Files\Norton 360
2008-01-22 12:17:35 0 d-------- C:\Program Files\Symantec
2008-01-22 12:17:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-22 12:16:42 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-22 11:34:12 89664 --a------ C:\WINDOWS\system32\wgyjfxom.dll
2008-01-22 08:53:14 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-22 08:53:10 0 d-------- C:\Program Files\VirusProtect 3.9
2008-01-22 08:52:52 0 d-------- C:\Program Files\Helper
2008-01-22 08:52:38 0 d-------- C:\Program Files\Video Add-on
2008-01-18 18:49:26 88128 --a------ C:\WINDOWS\system32\toqtuahu.dll


-- Find3M Report ---------------------------------------------------------------

2008-01-27 20:50:55 183608 --ahs---- C:\WINDOWS\system32\npqss.bak1
2008-01-27 20:50:41 183608 --ahs---- C:\WINDOWS\system32\npqss.bak2
2008-01-22 12:21:02 0 d-------- C:\Program Files\Common Files
2008-01-22 11:42:20 0 d-------- C:\Program Files\LimeWire
2008-01-22 08:52:43 13312 --a-s---- C:\WINDOWS\system32\shlahsd.dll
2008-01-18 14:47:11 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\LimeWire
2007-12-26 12:34:02 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\Adobe
2007-12-11 06:57:27 0 d-------- C:\Program Files\WinPop
2007-12-11 06:57:26 0 d-------- C:\Program Files\Windows NT
2007-12-02 16:58:07 932 --a------ C:\WINDOWS\system32\winpfz32.sys
2007-11-30 19:04:53 0 d-------- C:\Documents and Settings\Linda Hall\Application Data\Skype
2007-11-03 15:31:06 87616 --a------ C:\WINDOWS\system32\etkhbygb.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21ECA600-72B5-4E66-BB2E-573C92CBD8D6}]
01/28/2008 06:55 AM 11776 --a------ C:\Program Files\Video Add-on\isfmdl.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2dd49e21-8058-4b83-ba19-4881bfe98f4b}]
C:\WINDOWS\system32\ispkcqlb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4583C29A-0573-4634-A597-0091F9011CC1}]
C:\WINDOWS\system32\iypxdnlr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54BEC793-1168-40AA-BCB3-35942D9D7455}]
C:\Program Files\ComPlus Applications\vikixe171.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d8b4d4c-d670-4ef0-9c80-9d14780232fc}]
C:\WINDOWS\system32\dmldit.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B4880CD-8DA9-4976-AEAB-855D14B241ED}]
C:\WINDOWS\inf\ilbidsk.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3C4A35F-2E92-4539-8F7F-5A0117F914A3}]
C:\Program Files\DeskAlerts\deskbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C473B33C-E0CF-4F5F-B69B-429F92D15235}]
C:\WINDOWS\system32\iypxdnlr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7C6E6CA-279B-4FE8-9A31-6B7F1FE89BE5}]
08/12/2007 05:58 PM 231520 --a------ C:\WINDOWS\system32\ssqpn.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E99FAB2B-3BB0-4A4F-EE54-37761E6003C9}]
C:\WINDOWS\system32\bcdxkbd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EA9FAB29-3BC3-3F4B-EE2B-4F76626903CC}]
C:\WINDOWS\system32\bcdxkbd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC95A57E-6DCB-394D-E52B-4F76626902C2}]
C:\WINDOWS\system32\ipf.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F10587E9-0E47-4CBE-84AE-7DD20B8685CC}]
01/22/2008 08:52 AM 15872 --a------ C:\Program Files\Helper\1201009972.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F7AB9D71-FF48-4F95-A14F-FCFB685E0AA2}]
C:\WINDOWS\system32\iypxdnlr.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{821F87FF-8245-4972-9E28-732E92EC2F51}"= C:\Program Files\VSToolbar\VSToolBar.dll [ ]
"{C4DFA6F3-1245-41E5-8E60-7D31427F01B3}"= C:\Program Files\Video Add-on\ictmdl.dll [01/22/2008 08:52 AM 73728]

[-HKEY_CLASSES_ROOT\CLSID\{821F87FF-8245-4972-9E28-732E92EC2F51}]

[-HKEY_CLASSES_ROOT\CLSID\{C4DFA6F3-1245-41E5-8E60-7D31427F01B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [07/17/2007 08:54 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]

C:\Documents and Settings\Linda Hall\Start Menu\Programs\Startup\
DESKTOP.INI [3/20/2004 12:58:38 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/10/2004 1:52:16 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"some"=C:\Program Files\Video Add-on\icthis.exe
"start"=C:\Program Files\Video Add-on\isfmntr.exe

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\ComPlus Applications\zysoma.html
FriendlyName=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{91316323-2ad5-4794-9589-52a2eaa60a68}"= C:\WINDOWS\system32\shlahsd.dll [01/22/2008 08:52 AM 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmldit]
dmldit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfeecd]
khfeecd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mnapqmtl]
mnapqmtl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqpn]
C:\WINDOWS\system32\ssqpn.dll 08/12/2007 05:58 PM 231520 C:\WINDOWS\SYSTEM32\ssqpn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturo]
vturo.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bcmwltry]
bcmwltry.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BestPopUpKiller]
C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\conscorr]
C:\WINDOWS\conscorr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\System32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\diagent]
"C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
C:\WINDOWS\System32\DSentry.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus C84 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P23 "EPSON Stylus C84 Series" /O6 "USB001" /M "Stylus C84"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\removecpl]
RemoveCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller]
C:\Program Files\SpyKiller\spykiller.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vckefch]
C:\WINDOWS\System32\qfoqgj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Win Server Updt]
C:\WINDOWS\wupdt.exe

*Newly Created Service* - COMHOST



-- End of Deckard's System Scanner: finished at 2008-01-28 07:36:44 ------------


#2
Rorschach112

Hello

Download ComboFix from one of the locations below, and save it to your Desktop.

Link 1
Link 2
Link 3

Double-click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply.
Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

#3
Rorschach112

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.