Full Version: Computer Problems After Virus
corpusluteum
Had some sort of virus attack recently and managed to get almost everything back to normal, except certain keys on the keyboard still don't work: the V, X, hash and Ctrl keys. I also seem to be having problems keeping rid of Anti-spyware Expert on each reboot. I have run ComboFix, Malwarebytes and anti-malware programs, which seem to have cleaned everything except these last few problems mentioned above.

Can't think of anything else to try, so I hope you can help me.

Here's my DSS log.

Deckard's System Scanner v20071014.68
Run by Lloyd on 2008-08-04 14:16:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Lloyd.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:57, on 04/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\BisonCam\BisonTrayIcon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\RM\RMSmartCacheClient.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Function Key Controller\FKC.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lloyd\Desktop\T\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Lloyd.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altavista.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.5:8080
O2 - BHO: (no name) - {066A8A42-9DE6-41F7-951C-E2C4B8C5E3CB} - (no file)
O2 - BHO: (no name) - {0A4BCA3F-20AE-4D57-BF12-E0F9889B5936} - (no file)
O2 - BHO: (no name) - {1F74541A-453A-4D4E-A04A-9B59ABAD8DC0} - (no file)
O2 - BHO: (no name) - {3AA6678D-1CE0-499E-B9F6-8444DEE39D88} - (no file)
O2 - BHO: (no name) - {4E403F85-EC76-4BE2-A725-3BC85083CE94} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5AB3BE1C-DD9E-4D52-8C8E-C814BC8042A0} - (no file)
O2 - BHO: (no name) - {69357346-9FB0-45A9-ADF2-7A2E936FF1A5} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {82F316F8-08C5-48A8-93D8-12702A368C1C} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {994FC4B2-F935-4F6A-91EA-06DE43A21134} - (no file)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BisonTrayIcon] C:\WINDOWS\BisonCam\BisonTrayIcon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [RMSmartCache] C:\Program Files\RM\RMSmartCacheClient.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [FunctionKeyCtrl] C:\Program Files\Function Key Controller\FKC.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ntoskrnl] C:\ntkrnl.exe
O4 - HKLM\..\Run: [2c62e800] rundll32.exe "C:\WINDOWS\system32\kysnlcxa.dll",b
O4 - HKLM\..\Run: [lphctalj0e57n] C:\WINDOWS\system32\lphctalj0e57n.exe
O4 - HKLM\..\Run: [SMrhcpalj0e57n] C:\Program Files\rhcpalj0e57n\rhcpalj0e57n.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1201296427945
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...owserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark Measurement Services Client) - http://www.yougamers.com/systeminfo/MSC3.cab
O20 - Winlogon Notify: awtqrsQj - C:\WINDOWS\
O21 - SSODL: evgratsm - {AC2F9F8E-0A7F-4BD8-8A43-836DB9F754D2} - (no file)
O21 - SSODL: kvxqmtre - {70CDF78A-C4D1-461A-9C8C-33ED87AFCA1C} - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Settings/Lloyd/Local%20Settings/Application%20Data/Microsoft/Wallpaper1.bmp

--
End of file - 9209 bytes

-- Files created between 2008-07-04 and 2008-08-04 -----------------------------

2008-08-04 13:34:25 68096 --a------ C:\WINDOWS\zip.exe
2008-08-04 13:34:25 49152 --a------ C:\WINDOWS\VFind.exe
2008-08-04 13:34:25 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-08-04 13:34:25 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-08-04 13:34:25 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-08-04 13:34:25 98816 --a------ C:\WINDOWS\sed.exe
2008-08-04 13:34:25 80412 --a------ C:\WINDOWS\grep.exe
2008-08-04 13:34:25 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-08-04 00:43:04 0 d-------- C:\Documents and Settings\Lloyd\Application Data\Malwarebytes
2008-08-04 00:43:01 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-04 00:43:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-04 00:40:56 0 d-------- C:\Program Files\Trend Micro
2008-08-02 18:29:35 0 d-------- C:\WINDOWS\system32\appmgmt
2008-08-02 14:12:13 0 dr-h----- C:\Documents and Settings\Lloyd\Recent
2008-07-31 03:53:08 0 d-------- C:\Program Files\Function Key Controller
2008-07-29 23:55:13 0 d-------- C:\Program Files\MSBuild
2008-07-29 23:53:31 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-07-29 23:52:34 0 d-------- C:\Program Files\Reference Assemblies
2008-07-29 23:47:32 0 d-------- C:\Program Files\Gas Powered Games
2008-07-25 00:47:58 0 d-------- C:\Documents and Settings\Lloyd\Application Data\SystemRequirementsLab
2008-07-23 22:17:39 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-23 22:17:32 0 d-------- C:\Documents and Settings\Lloyd\Application Data\Mozilla
2008-07-13 19:45:45 0 d-------- C:\WINDOWS\system32\Futuremark
2008-07-08 10:10:58 0 d-------- C:\Program Files\Common Files\Renesas
2008-07-08 10:10:40 0 d-------- C:\Documents and Settings\All Users\Application Data\SafeNet Sentinel
2008-07-08 10:04:48 26368 -----n--- C:\WINDOWS\system32\drivers\HmseUsb.sys <Not Verified; Renesas Technology Corp.; HmseUsb Driver>
2008-07-08 10:04:48 46976 --a------ C:\WINDOWS\system32\drivers\E1usb.sys <Not Verified; Renesas Technology Corp.; Renesas High-performance Embedded Workshop>
2008-07-08 10:03:31 446464 --a------ C:\WINDOWS\system32\hhactivex.dll <Not Verified; Blue Sky Software Corporation.; RoboHELP HTML 2000>
2008-07-08 10:02:57 0 d-------- C:\WorkSpace
2008-07-08 10:02:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Renesas
2008-07-08 10:02:07 0 d-------- C:\Program Files\Renesas
2008-07-06 22:14:43 0 d-------- C:\Program Files\2142
2008-07-06 18:09:16 654 --a------ C:\WINDOWS\eReg.dat


-- Find3M Report ---------------------------------------------------------------

2008-08-04 13:36:34 0 d-------- C:\Program Files\Common Files
2008-08-04 12:40:29 0 d-------- C:\Documents and Settings\Lloyd\Application Data\AVG7
2008-08-03 22:57:28 0 d-------- C:\Program Files\Warcraft III
2008-08-02 16:20:41 0 d-------- C:\Program Files\Darwinia
2008-07-31 03:53:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-07-31 02:29:39 15 --a------ C:\Documents and Settings\Lloyd\Application Data\settings.ini
2008-07-25 00:48:02 0 d-------- C:\Program Files\SystemRequirementsLab
2008-07-21 21:16:12 0 d-------- C:\Program Files\WC3Banlist
2008-07-21 18:44:31 0 d-------- C:\Program Files\CCleaner
2008-07-08 12:20:13 0 d-------- C:\Documents and Settings\Lloyd\Application Data\Adobe
2008-07-03 15:18:49 0 d-------- C:\Program Files\WinPcap
2008-07-02 21:33:00 0 d-------- C:\Documents and Settings\Lloyd\Application Data\My Battle for Middle-earth™ II Files
2008-07-01 22:11:33 0 d-------- C:\Program Files\Electronic Arts
2008-06-29 18:10:47 0 d-------- C:\Documents and Settings\Lloyd\Application Data\Ventrilo
2008-06-25 23:03:41 271237 --a------ C:\Documents and Settings\Lloyd\Application Data\NMM-MetaData.db
2008-06-19 14:18:23 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-06-19 14:15:14 0 d-------- C:\Documents and Settings\Lloyd\Application Data\DAEMON Tools
2008-06-18 13:48:54 0 d-------- C:\Program Files\Theme Park World Fix
2008-06-16 01:21:34 0 d-------- C:\Documents and Settings\Lloyd\Application Data\teamspeak2
2008-06-16 00:24:20 0 d-------- C:\Program Files\Ventrilo
2008-06-16 00:24:03 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-14 14:13:35 0 d-------- C:\Program Files\Bullfrog
2008-06-13 14:54:29 0 d-------- C:\Program Files\Yeti Studios
2008-06-11 11:26:09 0 d-------- C:\Documents and Settings\Lloyd\Application Data\Nokia Multimedia Player
2008-06-10 22:50:33 0 d-------- C:\Program Files\Common Files\BioWare
2008-06-08 14:08:08 8192 --a------ C:\WINDOWS\d3dx.dat
2008-06-08 13:39:45 0 d-------- C:\Documents and Settings\Lloyd\Application Data\My Battle for Middle-earth Files
2008-06-07 19:46:22 0 d-------- C:\Documents and Settings\Lloyd\Application Data\dvdcss
2008-06-07 10:41:46 21840 --a------ C:\WINDOWS\system32\SIntfNT.dll
2008-06-07 10:41:46 17212 --a------ C:\WINDOWS\system32\SIntf32.dll
2008-06-07 10:41:46 12067 --a------ C:\WINDOWS\system32\SIntf16.dll
2008-06-06 20:27:48 0 d-------- C:\Program Files\DivX


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{066A8A42-9DE6-41F7-951C-E2C4B8C5E3CB}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0A4BCA3F-20AE-4D57-BF12-E0F9889B5936}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1F74541A-453A-4D4E-A04A-9B59ABAD8DC0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3AA6678D-1CE0-499E-B9F6-8444DEE39D88}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E403F85-EC76-4BE2-A725-3BC85083CE94}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AB3BE1C-DD9E-4D52-8C8E-C814BC8042A0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{69357346-9FB0-45A9-ADF2-7A2E936FF1A5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{82F316F8-08C5-48A8-93D8-12702A368C1C}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{994FC4B2-F935-4F6A-91EA-06DE43A21134}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [29/06/2006 13:32 C:\WINDOWS\AGRSMMSG.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/08/2006 18:56]
"BisonTrayIcon"="C:\WINDOWS\BisonCam\BisonTrayIcon.exe" [06/10/2005 19:49]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [07/12/2005 23:57]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [18/05/2006 12:29]
"PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [18/12/2002 15:20]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [07/08/2007 01:05]
"RMSmartCache"="C:\Program Files\RM\RMSmartCacheClient.exe" [08/04/2004 11:06]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [27/06/2008 19:11]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [18/06/2007 16:10]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [20/10/2007 01:40]
"nwiz"="nwiz.exe" [20/10/2007 01:40 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [12/04/2007 17:33 C:\WINDOWS\RTHDCPL.exe]
"FunctionKeyCtrl"="C:\Program Files\Function Key Controller\FKC.exe" [25/05/2006 16:49]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [04/08/2004 13:00]
"ntoskrnl"="C:\ntkrnl.exe" []
"2c62e800"="C:\WINDOWS\system32\kysnlcxa.dll" []
"lphctalj0e57n"="C:\WINDOWS\system32\lphctalj0e57n.exe" []
"SMrhcpalj0e57n"="C:\Program Files\rhcpalj0e57n\rhcpalj0e57n.exe" []
"Alcmtr"="ALCMTR.EXE" [03/05/2005 18:43 C:\WINDOWS\Alcmtr.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 17:46]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [01/04/2008 10:39]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [11/12/2006 17:35:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtqrsQj]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Renesas AutoUpdate.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Renesas AutoUpdate.lnk
backup=C:\WINDOWS\pss\Renesas AutoUpdate.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ShellHWDetection"=2 (0x2)


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a5d4bac-e32a-11dc-80b1-001b77ba8498}]
AutoRun\command- F:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20312c0e-ce81-11dc-808d-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- protector.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71c30b12-d252-11dc-8099-001b77ba8498}]
AutoRun\command- F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{863b0d5b-192e-11dd-8105-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- protector.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6ccd172-d3e3-11dc-809d-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- F:\protector.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a74a5020-4ccc-11dd-816c-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- G:\protector.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5392c31-11dc-11dd-80f9-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- F:\protector.exe




-- End of Deckard's System Scanner: finished at 2008-08-04 14:17:13 ------------



many thanks

tom
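The log above is what an HJT Team member would read by hand. As an added example (mine, not part of the original post and not a feature of HijackThis or DSS), the script below shows the structural checks a first pass would make over such a log: a configured proxy, orphaned CLSIDs marked "(no file)", a Winlogon Notify entry with no DLL behind it, Run entries that borrow a core binary's name or invoke rundll32 with a one-letter export, value names with letters and digits interleaved, and MountPoints2 entries with a shell verb Windows never writes. The sample lines are copied from the posted log with a few benign ones for contrast; the severity labels, the list of core binary names and the list of standard AutoRun verbs are my assumptions. These are heuristics that say where to look next, not verdicts.

```python
"""Heuristic triage of HijackThis / DSS log lines.

Added example for this thread; not part of the original post and not a
feature of HijackThis or DSS.  It flags entries whose *shape* an analyst
would look at next.  Severities, CORE_NAMES and STANDARD_VERBS are assumptions.
"""
import re

# Core Windows binaries whose names malware borrows (assumed list).
CORE_NAMES = {"ntoskrnl", "ntkrnl", "winlogon", "svchost", "lsass", "csrss",
              "smss", "services", "explorer", "spoolsv"}
SYSTEM_DIR = "c:\\windows\\"
# Shell verbs Windows itself writes under MountPoints2 (assumed list).
STANDARD_VERBS = {"autorun", "open", "explore", "find"}

O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
RUNDLL_RE = re.compile(r'rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?,(?P<entry>\S*)', re.I)
MP2_KEY_RE = re.compile(r"^\[HKEY_CURRENT_USER\\.*\\mountpoints2\\\{[^}]+\}\]$", re.I)
MP2_CMD_RE = re.compile(r"^(?P<verb>\w+)\\command- (?P<cmd>.+)$")
# Letters and digits interleaved at least twice: typical of generated names.
INTERLEAVED_RE = re.compile(r"[a-z]+\d+[a-z]+\d+|\d+[a-z]+\d+")


def _first_path(cmd):
    """Lower-cased executable part of a Run command, quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.find('"', 1)].lower()
    m = re.match(r"(.+?\.(?:exe|dll|com|scr|bat|cmd))(?:\s|$)", cmd, re.I)
    return (m.group(1) if m else cmd.split(" ", 1)[0]).lower()


def triage(text):
    """Return [(severity, reason, line)] for entries worth a second look."""
    hits = []
    in_mp2 = False  # inside a MountPoints2 key of the DSS registry dump
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("R1 - ") and "ProxyServer" in line:
            hits.append(("review", "proxy configured; confirm it is expected", line))
        elif line.startswith(("O2 - ", "O21 - ")) and line.endswith("(no file)"):
            hits.append(("low", "orphaned CLSID, binary already gone", line))
        elif line.startswith("O20 - Winlogon Notify:"):
            target = line.rsplit(" - ", 1)[-1].lower()
            if not target.endswith(".dll"):
                hits.append(("high", "Winlogon Notify without a DLL path", line))
        elif (m := O4_RE.match(line)):
            name, cmd = m["name"].lower(), m["cmd"]
            exe = _first_path(cmd)
            base = exe.rsplit("\\", 1)[-1].rsplit(".", 1)[0]
            rd = RUNDLL_RE.search(cmd)
            if rd and len(rd["entry"]) <= 1:
                hits.append(("high", "rundll32 with a one-letter export", line))
            elif (name in CORE_NAMES or base in CORE_NAMES) and not exe.startswith(SYSTEM_DIR):
                hits.append(("high", "core-binary name outside the Windows directory", line))
            elif INTERLEAVED_RE.search(name) or INTERLEAVED_RE.search(base):
                hits.append(("medium", "machine-generated-looking name", line))
            elif re.fullmatch(r"[a-z]:\\[^\\]+", exe):
                hits.append(("medium", "autostart from a drive root", line))
        elif MP2_KEY_RE.match(line):
            in_mp2 = True
        elif line.startswith("["):
            in_mp2 = False
        elif in_mp2 and (m := MP2_CMD_RE.match(line)):
            if m["verb"].lower() not in STANDARD_VERBS:
                hits.append(("high", "non-standard shell verb on removable media", line))
    return hits


# Lines copied from the log posted above, plus a few benign ones for contrast.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.5:8080
O2 - BHO: (no name) - {066A8A42-9DE6-41F7-951C-E2C4B8C5E3CB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RMSmartCache] C:\Program Files\RM\RMSmartCacheClient.exe
O4 - HKLM\..\Run: [ntoskrnl] C:\ntkrnl.exe
O4 - HKLM\..\Run: [2c62e800] rundll32.exe "C:\WINDOWS\system32\kysnlcxa.dll",b
O4 - HKLM\..\Run: [lphctalj0e57n] C:\WINDOWS\system32\lphctalj0e57n.exe
O4 - HKLM\..\Run: [SMrhcpalj0e57n] C:\Program Files\rhcpalj0e57n\rhcpalj0e57n.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O20 - Winlogon Notify: awtqrsQj - C:\WINDOWS\
O21 - SSODL: evgratsm - {AC2F9F8E-0A7F-4BD8-8A43-836DB9F754D2} - (no file)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a5d4bac-e32a-11dc-80b1-001b77ba8498}]
AutoRun\command- F:\Launch.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20312c0e-ce81-11dc-808d-001b77ba8498}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL protector.exe
infected\command- protector.exe
"""

if __name__ == "__main__":
    for sev, why, line in triage(SAMPLE_LOG):
        print(f"[{sev:6}] {why}: {line}")
```

Run against the sample it reports nine entries and stays silent on the NVIDIA, RM and AVG lines. The "infected" verb is the clearest single indicator in the whole log: Windows writes AutoRun, open and explore under MountPoints2 on its own, so any other verb came from an autorun.inf on a removable drive, which also explains why the same entry appears for several drive GUIDs.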
boopme
I have moved your Topic that includes a HijackThis log here to the Misplaced HJT Logs forum. You posted your log in a forum not intended for HijackThis logs analysis and probably missed the directions we provide to those who require assistance. We can only allow topics with such logs in the HijackThis Logs and Malware Removal forum. This restriction is to ensure you get the best help available, from those who specialize in malware analysis and removal. It also should prevent you from receiving ineffective or even potentially dangerous advice, whether well-meaning or not.

Prior to posting a HJT log, we ask that you please read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log. Following the steps in this Guide will allow the HJT Team to quickly help you with specific fixes for what may remain on your system.

Please complete all the steps in the Guide. If you have performed some of them already, then just continue with the next. There are instructions for downloading and running Deckard's System Scanner (DSS) which will create a hijackthis log for you, or automatically download and install the most current version of HijackThis if it's not already installed on your computer.

Please note that it is important that Deckard's System Scanner be run and a log created while in normal mode. If you run it and create your log while in safe mode, you will be asked to redo it again properly. When you have completed those steps, start a new topic in the HijackThis Logs and Malware Removal forum as directed in the Guide to post a new log.

Please DO NOT post any more logs to this topic, or post a log again in the wrong forum.

The Misplaced HJT Logs forum is strictly a holding area where the BC Staff can assist you with preparations for and to properly post your log. If you have a question or encounter a problem in the Prep Guide, please do post back to this topic; that is what it is here for.

When your new HJT log is posted in the proper forum, please reply to this topic with a link to your new topic. Once that is done, a Member of the HJT Team will analyze your log and assist you with step by step instructions to clean your computer or otherwise advise what needs to be done.

Thanks for your cooperation and good luck.
The BC Staff