
Do I Have Any Dangers?


4 replies to this topic

#1 iDukeHelp

iDukeHelp

  • Members
  • 170 posts

Posted 04 May 2008 - 03:46 PM

Hello. Well, my computer has been very slow for a while....


This is the MAIN.TXT thingy



Deckard's System Scanner v20071014.68
Run by Ali on 2008-05-04 16:43:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Ali.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:15 PM, on 5/4/2008
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Ali\Desktop\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\Ali.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.basilmarket.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\Star Downloader\SDIEInt.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Verizon Custom Uninstall Tracking] C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe /uninstalltrackingvendor=Verizon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\Star Downloader\sdie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enqueue in Star Downloader - C:\PROGRA~1\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\PROGRA~1\Star Downloader\leechie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.basilmarket.com
O15 - Trusted Zone: http://fighterace.ketsujin.com
O15 - Trusted Zone: http://primary.ketsujin.com
O15 - Trusted Zone: http://update.ketsujin.com
O15 - Trusted Zone: http://www.ketsujin.com
O15 - Trusted Zone: www.ning.com
O15 - Trusted Zone: http://www.stormofaces.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297136531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297129640
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6596 bytes

-- Files created between 2008-04-04 and 2008-05-04 -----------------------------

2008-05-04 16:38:05 0 d-------- C:\Program Files\Trend Micro
2008-05-04 16:31:46 0 dr-h----- C:\Documents and Settings\Ali\Recent
2008-05-04 16:26:52 0 d-------- C:\Documents and Settings\Ali\.SunDownloadManager
2008-05-04 13:56:20 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-03 22:02:19 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-05-03 22:02:18 0 d-------- C:\WINDOWS\system32\Lang
2008-05-01 21:28:36 0 d-------- C:\Program Files\Realtek AC97
2008-05-01 21:15:41 0 d-------- C:\Documents and Settings\Ali\.housecall6.6
2008-04-30 10:37:34 4194304 --a------ C:\Documents and Settings\Ali\ntuser.dat
2008-04-29 17:25:23 0 d-------- C:\Program Files\Cheat Engine
2008-04-27 11:43:48 0 d-------- C:\WINDOWS\nview
2008-04-27 08:23:24 0 d-------- C:\Program Files\Disney
2008-04-26 19:38:15 0 d-------- C:\Download
2008-04-26 19:34:14 348160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine>
2008-04-26 19:34:14 81920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll <Not Verified; eSellerate Inc.; eSellerate ActiveX Control>
2008-04-22 12:20:51 0 d-------- C:\WINDOWS\.mpr_file_store_32
2008-04-22 12:20:46 0 d-------- C:\Program Files\MoparScape
2008-04-22 12:07:14 0 d-------- C:\WINDOWS\.silabclient_store_32
2008-04-21 21:38:47 0 d-------- C:\WINDOWS\system32\VITrans
2008-04-21 21:38:45 111104 --a------ C:\WINDOWS\system32\Uharc.exe
2008-04-21 21:38:45 19968 --a------ C:\WINDOWS\system32\reico.exe <Not Verified; Dead Knight; >
2008-04-21 21:38:45 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - www.sysinternals.com; Systems Internals pkill>
2008-04-21 21:38:45 8636 --a------ C:\WINDOWS\system32\modifype.exe
2008-04-21 08:51:51 0 d-------- C:\Documents and Settings\Ali\Application Data\MySQL
2008-04-21 08:31:30 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-21 08:29:22 0 d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-04-21 08:18:03 0 d-------- C:\Program Files\MySQL
2008-04-20 16:54:51 0 d-------- C:\Documents and Settings\Ali\Application Data\Hamachi
2008-04-16 19:10:09 0 d-------- C:\Program Files\GameSpy Arcade
2008-04-16 18:50:24 0 d-------- C:\Program Files\EA GAMES
2008-04-16 18:34:40 0 d-------- C:\Fraps
2008-04-13 19:33:10 0 d-------- C:\Program Files\Microsoft Bootvis
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-04-12 10:01:16 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Cookies
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-11 16:35:51 229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-04-09 16:24:07 0 d-------- C:\Program Files\BannedStory
2008-04-09 16:19:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-09 16:19:30 0 d-------- C:\Program Files\Common Files\Adobe AIR


-- Find3M Report ---------------------------------------------------------------

2008-05-04 16:31:37 0 d-------- C:\Program Files\LimeWire
2008-05-03 19:44:30 0 d-------- C:\Documents and Settings\Ali\Application Data\LimeWire
2008-04-29 17:26:50 0 d-------- C:\Program Files\Movie Maker
2008-04-29 17:26:48 0 d-------- C:\Program Files\Windows NT
2008-04-27 21:18:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-27 11:40:29 0 d-------- C:\Program Files\SystemRequirementsLab
2008-04-26 18:41:13 0 d-------- C:\Program Files\Messenger
2008-04-21 09:07:47 0 d-------- C:\Program Files\Common Files
2008-04-20 13:22:05 0 d-------- C:\Program Files\Lexmark X74-X75
2008-04-09 16:19:33 0 d-------- C:\Documents and Settings\Ali\Application Data\Adobe
2008-04-01 17:25:37 0 d-------- C:\Documents and Settings\Ali\Application Data\ESET
2008-04-01 16:56:57 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-31 14:45:53 0 d-------- C:\Documents and Settings\Ali\Application Data\SystemRequirementsLab
2008-03-25 07:22:43 0 d-------- C:\Documents and Settings\Ali\Application Data\Help
2008-03-21 10:21:47 0 d--h----- C:\Documents and Settings\Ali\Application Data\ijjigame
2008-03-19 19:37:11 0 d-------- C:\Program Files\Common Files\Motive
2008-03-09 18:41:45 0 d-------- C:\Program Files\ASUS
2008-03-09 18:04:30 0 d-------- C:\Program Files\Java
2008-03-08 22:09:41 0 d-------- C:\Documents and Settings\Ali\Application Data\WinRAR
2008-02-28 16:18:07 4212 ---h---c- C:\WINDOWS\system32\zllictbl.dat
2008-02-19 22:10:10 1279 --a----c- C:\WINDOWS\mozver.dat
2008-02-18 13:26:10 315392 --a----c- C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-02-17 23:02:43 845968 --a----c- C:\WINDOWS\system32\AI - Series.scr <Not Verified; Grooveware Multimedia; Screenweaver Shocked Edition>
2008-02-17 21:16:41 0 --a----c- C:\WINDOWS\nsreg.dat
2008-02-17 20:53:41 22 --a----c- C:\WINDOWS\FileName
2008-02-17 14:16:33 0 -rahs---- C:\MSDOS.SYS
2008-02-17 14:16:33 0 -rahs---- C:\IO.SYS
2008-02-17 14:16:33 0 --a------ C:\CONFIG.SYS
2008-02-17 14:14:28 21640 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-02-17 09:09:58 62 --ahs--c- C:\Documents and Settings\Ali\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 10:06 AM C:\WINDOWS\AGRSMMSG.exe]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [10/14/2002 04:09 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 05:25 AM]
"Verizon Custom Uninstall Tracking"="C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe" []
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [03/13/2008 04:48 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM]
"SoundMan"="SOUNDMAN.EXE" [04/16/2007 03:28 PM C:\WINDOWS\soundman.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/12/2008 02:59 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [8/8/2000 4:00:00 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1bce6ad8-ddbc-11dc-98d0-806d6172696f}]
AutoRun\command- D:\Autorun.exe




-- End of Deckard's System Scanner: finished at 2008-05-04 16:44:56 ------------











NOTE: FOR SOME REASON, IT DID NOT SHOW THE "EXTRA.TXT" THINGY :thumbsup:


 


#2 iDukeHelp

iDukeHelp
  • Topic Starter

  • Members
  • 170 posts

Posted 04 May 2008 - 06:43 PM

Anyone...?

#3 iDukeHelp

iDukeHelp
  • Topic Starter

  • Members
  • 170 posts

Posted 10 May 2008 - 07:23 PM

Merged topic. Original topic title: What Is Wrong?, I do not know what is happening ~ OB

Well, somehow, some websites do not load at all. For example, www.disney.go.com, which is a Disney corporate website, does not work on my browser. I tried using IE7, while I use Firefox. Another thing that happens is that when I use the computer for about 30 minutes, it works fine, then another 20 minutes goes by, and my internet degrades massively. What is the problem? Also, when I use DSS, it only gives me the main.txt file, not the extra.txt.


The Main.txt File

Deckard's System Scanner v20071014.68
Run by Ali on 2008-05-10 20:15:25
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Ali.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:15:26 PM, on 5/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ali\Desktop\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\Ali.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.basilmarket.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\Star Downloader\SDIEInt.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [Verizon Custom Uninstall Tracking] C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe /uninstalltrackingvendor=Verizon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\Star Downloader\sdie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enqueue in Star Downloader - C:\PROGRA~1\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\PROGRA~1\Star Downloader\leechie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.basilmarket.com
O15 - Trusted Zone: http://fighterace.ketsujin.com
O15 - Trusted Zone: http://primary.ketsujin.com
O15 - Trusted Zone: http://update.ketsujin.com
O15 - Trusted Zone: http://www.ketsujin.com
O15 - Trusted Zone: www.ning.com
O15 - Trusted Zone: http://www.stormofaces.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297136531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297129640
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6878 bytes

-- Files created between 2008-04-10 and 2008-05-10 -----------------------------

2008-05-10 20:12:25 0 dr-h----- C:\Documents and Settings\Ali\Recent
2008-05-06 18:57:40 0 d-------- C:\WINDOWS\Prefetch
2008-05-06 18:51:08 0 d-------- C:\WINDOWS\system32\scripting
2008-05-05 21:58:13 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-04 21:30:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-04 20:01:44 0 d-------- C:\Program Files\MSXML 4.0
2008-05-04 19:58:32 0 d-------- C:\Program Files\Microsoft Games
2008-05-04 19:10:23 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-05-04 19:10:07 0 d-------- C:\WINDOWS\FSX Flight Weather Report
2008-05-04 16:38:05 0 d-------- C:\Program Files\Trend Micro
2008-05-04 16:26:52 0 d-------- C:\Documents and Settings\Ali\.SunDownloadManager
2008-05-03 22:02:19 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-05-03 22:02:18 0 d-------- C:\WINDOWS\system32\Lang
2008-05-01 21:28:36 0 d-------- C:\Program Files\Realtek AC97
2008-05-01 21:15:41 0 d-------- C:\Documents and Settings\Ali\.housecall6.6
2008-04-30 10:37:34 4194304 --a------ C:\Documents and Settings\Ali\ntuser.dat
2008-04-29 17:25:23 0 d-------- C:\Program Files\Cheat Engine
2008-04-27 11:43:48 0 d-------- C:\WINDOWS\nview
2008-04-27 08:23:24 0 d-------- C:\Program Files\Disney
2008-04-26 19:38:15 0 d-------- C:\Download
2008-04-26 19:34:14 348160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine>
2008-04-26 19:34:14 81920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll <Not Verified; eSellerate Inc.; eSellerate ActiveX Control>
2008-04-22 12:20:51 0 d-------- C:\WINDOWS\.mpr_file_store_32
2008-04-22 12:20:46 0 d-------- C:\Program Files\MoparScape
2008-04-22 12:07:14 0 d-------- C:\WINDOWS\.silabclient_store_32
2008-04-21 21:38:47 0 d-------- C:\WINDOWS\system32\VITrans
2008-04-21 21:38:45 111104 --a------ C:\WINDOWS\system32\Uharc.exe
2008-04-21 21:38:45 19968 --a------ C:\WINDOWS\system32\reico.exe <Not Verified; Dead Knight; >
2008-04-21 21:38:45 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - www.sysinternals.com; Systems Internals pkill>
2008-04-21 21:38:45 8636 --a------ C:\WINDOWS\system32\modifype.exe
2008-04-21 08:51:51 0 d-------- C:\Documents and Settings\Ali\Application Data\MySQL
2008-04-21 08:31:30 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-21 08:29:22 0 d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-04-21 08:18:03 0 d-------- C:\Program Files\MySQL
2008-04-20 16:54:51 0 d-------- C:\Documents and Settings\Ali\Application Data\Hamachi
2008-04-16 19:10:09 0 d-------- C:\Program Files\GameSpy Arcade
2008-04-16 18:50:24 0 d-------- C:\Program Files\EA GAMES
2008-04-16 18:34:40 0 d-------- C:\Fraps
2008-04-13 19:33:10 0 d-------- C:\Program Files\Microsoft Bootvis
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-04-12 10:01:16 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Local Settings
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Cookies
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-04-12 10:01:16 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-11 16:35:51 229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat


-- Find3M Report ---------------------------------------------------------------

2008-05-07 19:15:09 0 d-------- C:\Program Files\Java
2008-05-06 18:51:24 0 d-------- C:\Program Files\Messenger
2008-05-06 18:51:05 0 d-------- C:\Program Files\Movie Maker
2008-05-06 18:48:57 0 d-------- C:\Program Files\Windows NT
2008-05-04 20:41:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-04 19:10:23 0 d-------- C:\Program Files\Common Files
2008-05-04 16:31:37 0 d-------- C:\Program Files\LimeWire
2008-05-03 19:44:30 0 d-------- C:\Documents and Settings\Ali\Application Data\LimeWire
2008-04-27 21:20:18 0 d-------- C:\Program Files\BannedStory
2008-04-27 11:40:29 0 d-------- C:\Program Files\SystemRequirementsLab
2008-04-20 13:22:05 0 d-------- C:\Program Files\Lexmark X74-X75
2008-04-09 16:19:33 0 d-------- C:\Documents and Settings\Ali\Application Data\Adobe
2008-04-09 16:19:30 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-01 17:25:37 0 d-------- C:\Documents and Settings\Ali\Application Data\ESET
2008-04-01 16:56:57 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-31 14:45:53 0 d-------- C:\Documents and Settings\Ali\Application Data\SystemRequirementsLab
2008-03-25 07:22:43 0 d-------- C:\Documents and Settings\Ali\Application Data\Help
2008-03-21 10:21:47 0 d--h----- C:\Documents and Settings\Ali\Application Data\ijjigame
2008-03-19 19:37:11 0 d-------- C:\Program Files\Common Files\Motive
2008-02-28 16:18:07 4212 ---h---c- C:\WINDOWS\system32\zllictbl.dat
2008-02-19 22:10:10 1279 --a----c- C:\WINDOWS\mozver.dat
2008-02-18 13:26:10 315392 --a----c- C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-02-17 23:02:43 845968 --a----c- C:\WINDOWS\system32\AI - Series.scr <Not Verified; Grooveware Multimedia; Screenweaver Shocked Edition>
2008-02-17 21:16:41 0 --a----c- C:\WINDOWS\nsreg.dat
2008-02-17 20:53:41 22 --a----c- C:\WINDOWS\FileName
2008-02-17 14:16:33 0 -rahs---- C:\MSDOS.SYS
2008-02-17 14:16:33 0 -rahs---- C:\IO.SYS
2008-02-17 14:16:33 0 --a------ C:\CONFIG.SYS
2008-02-17 14:14:28 21640 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-02-17 09:09:58 62 --ahs--c- C:\Documents and Settings\Ali\Application Data\desktop.ini
2008-02-12 14:59:40 13312 --a------ C:\WINDOWS\system32\lsass(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:59:34 1033728 --a------ C:\WINDOWS\explorer(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:59:30 15360 --a------ C:\WINDOWS\system32\ctfmon(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:59:30 6144 --a------ C:\WINDOWS\system32\csrss(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:59:26 44544 --a------ C:\WINDOWS\system32\alg(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 297984 --a------ C:\WINDOWS\system32\msctf(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 73728 --a------ C:\WINDOWS\system32\mscms(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 57344 --a------ C:\WINDOWS\system32\msasn1(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 71680 --a------ C:\WINDOWS\system32\msacm32(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 471552 --a------ C:\WINDOWS\system32\mqutil(2).dll <Not Verified; Microsoft Corporation; Microsoft Message Queue>
2008-02-12 14:58:58 95744 --a------ C:\WINDOWS\system32\mqsec(2).dll <Not Verified; Microsoft Corporation; Microsoft Message Queue>
2008-02-12 14:58:58 87040 --a------ C:\WINDOWS\system32\mprapi(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 59904 --a------ C:\WINDOWS\system32\mpr(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:58 18944 --a------ C:\WINDOWS\system32\midimap(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 14336 --a------ C:\WINDOWS\system32\mcastmib(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 18944 --a------ C:\WINDOWS\system32\lprmon(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 10240 --a------ C:\WINDOWS\system32\lprhelp(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 97280 --a------ C:\WINDOWS\system32\loadperf(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 33792 --a------ C:\WINDOWS\system32\lmmib2(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:56 19968 --a------ C:\WINDOWS\system32\linkinfo(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 299520 --a------ C:\WINDOWS\system32\kerberos(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 183808 --a------ C:\WINDOWS\system32\ipsecsvc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 331264 --a------ C:\WINDOWS\system32\ipnathlp(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 94720 --a------ C:\WINDOWS\system32\iphlpapi(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 13312 --a------ C:\WINDOWS\system32\infoadmn(2).dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-02-12 14:58:54 75264 --a------ C:\WINDOWS\system32\inetpp(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 32768 --a------ C:\WINDOWS\system32\inetmib1(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 133632 --a------ C:\WINDOWS\system32\iisrtl(2).dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-02-12 14:58:54 64512 --a------ C:\WINDOWS\system32\iismap(2).dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-02-12 14:58:54 8192 --a------ C:\WINDOWS\system32\igmpagnt(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:54 11264 --a------ C:\WINDOWS\system32\icaapi(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:52 39936 --a------ C:\WINDOWS\system32\hostmib(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:52 344064 --a------ C:\WINDOWS\system32\hnetcfg(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:50 14336 --a------ C:\WINDOWS\system32\exstrace(2).dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-02-12 14:58:50 101888 --a------ C:\WINDOWS\system32\evntagnt(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:50 56320 --a------ C:\WINDOWS\system32\eventlog(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:50 1082368 --a------ C:\WINDOWS\system32\esent(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:50 246272 --a------ C:\WINDOWS\system32\es(2).dll <Not Verified; Microsoft Corporation; COM Services>
2008-02-12 14:58:50 23040 --a------ C:\WINDOWS\system32\ersvc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:50 304128 --a------ C:\WINDOWS\system32\duser(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 14336 --a------ C:\WINDOWS\system32\drprov(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 45568 --a------ C:\WINDOWS\system32\dnsrslvr(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 147456 --a------ C:\WINDOWS\system32\dnsapi(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 23552 --a------ C:\WINDOWS\system32\dmserver(2).dll <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT>
2008-02-12 14:58:48 25088 --a------ C:\WINDOWS\system32\davclnt(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 326656 --a------ C:\WINDOWS\system32\cscui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 101888 --a------ C:\WINDOWS\system32\cscdll(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 512512 --a------ C:\WINDOWS\system32\cryptui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 62464 --a------ C:\WINDOWS\system32\cryptsvc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 33280 --a------ C:\WINDOWS\system32\cryptdll(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 599040 --a------ C:\WINDOWS\system32\crypt32(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 163840 --a------ C:\WINDOWS\system32\credui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:48 1267200 --a------ C:\WINDOWS\system32\comsvcs(2).dll <Not Verified; Microsoft Corporation; COM Services>
2008-02-12 14:58:48 792064 --a------ C:\WINDOWS\system32\comres(2).dll <Not Verified; Microsoft Corporation; COM Services>
2008-02-12 14:58:48 60416 --a------ C:\WINDOWS\system32\colbact(2).dll <Not Verified; Microsoft Corporation; COM Services>
2008-02-12 14:58:46 47104 --a------ C:\WINDOWS\system32\cnbjmon(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 58368 --a------ C:\WINDOWS\system32\clusapi(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 498688 --a------ C:\WINDOWS\system32\clbcatq(2).dll <Not Verified; Microsoft Corporation; COM Services>
2008-02-12 14:58:46 194560 --a------ C:\WINDOWS\system32\certcli(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 60416 --a------ C:\WINDOWS\system32\cabinet(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 1025024 --a------ C:\WINDOWS\system32\browseui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 77824 --a------ C:\WINDOWS\system32\browser(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 29184 --a------ C:\WINDOWS\system32\batmeter(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 62464 --a------ C:\WINDOWS\system32\authz(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:46 42496 --a------ C:\WINDOWS\system32\audiosrv(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:44 143360 --a------ C:\WINDOWS\system32\adsldpc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:44 43520 --a------ C:\WINDOWS\system32\admwprox(2).dll <Not Verified; Microsoft Corporation; Internet Information Services>
2008-02-12 14:58:44 98304 --a------ C:\WINDOWS\system32\actxprxy(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:58:44 193536 --a------ C:\WINDOWS\system32\activeds(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:55:44 16896 --a------ C:\WINDOWS\system32\cfgmgr32(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 14:55:40 285696 --a------ C:\WINDOWS\system32\atmfd(2).dll <Not Verified; Adobe Systems Incorporated; Adobe Type Manager>
2008-02-12 01:29:02 63488 --a------ C:\WINDOWS\system32\browselc(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-02-12 01:04:40 138752 --a------ C:\WINDOWS\system32\dssenh(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 10:06 AM C:\WINDOWS\AGRSMMSG.exe]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [10/14/2002 04:09 PM]
"Verizon Custom Uninstall Tracking"="C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe" []
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [03/13/2008 04:48 PM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM]
"SoundMan"="SOUNDMAN.EXE" [04/16/2007 03:28 PM C:\WINDOWS\soundman.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [8/8/2000 4:00:00 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli scecli scecli scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-05-10 20:17:33 ------------



The Extra.txt File

It didn't provide me with one :thumbsup:

Edited by Orange Blossom, 10 May 2008 - 08:25 PM.


#4 iDukeHelp

iDukeHelp
  • Topic Starter

  • Members
  • 170 posts

Posted 15 May 2008 - 09:06 PM

Well, I've been getting very HARSH things happening to my computer that range from BSOD to Lag Spikes to Internet slowdowns....






[MAIN.TXT]



Deckard's System Scanner v20071014.68
Run by Ali on 2008-05-15 22:02:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Ali.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:29 PM, on 5/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ali\Desktop\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\Ali.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\Star Downloader\SDIEInt.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [Verizon Custom Uninstall Tracking] C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe /uninstalltrackingvendor=Verizon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRA~1\Star Downloader\sdie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enqueue in Star Downloader - C:\PROGRA~1\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\PROGRA~1\Star Downloader\leechie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.basilmarket.com
O15 - Trusted Zone: http://fighterace.ketsujin.com
O15 - Trusted Zone: http://primary.ketsujin.com
O15 - Trusted Zone: http://update.ketsujin.com
O15 - Trusted Zone: http://www.ketsujin.com
O15 - Trusted Zone: www.ning.com
O15 - Trusted Zone: http://www.stormofaces.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297136531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1203297129640
O20 - AppInit_DLLs:
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 6764 bytes

-- Files created between 2008-04-15 and 2008-05-15 -----------------------------

2008-05-15 22:02:11 0 dr-h----- C:\Documents and Settings\Ali\Recent
2008-05-14 15:46:09 0 d-------- C:\Documents and Settings\Ali\Application Data\Ventrilo
2008-05-12 21:20:09 141312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-12 21:20:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-05-12 21:20:09 0 d-------- C:\Documents and Settings\Ali\Application Data\Spyware Terminator
2008-05-12 21:20:07 0 d-------- C:\Program Files\Spyware Terminator
2008-05-12 21:19:40 0 d-------- C:\Program Files\Alwil Software
2008-05-12 21:18:39 0 d-------- C:\Documents and Settings\Ali\Application Data\Comodo
2008-05-12 18:23:32 557056 --a------ C:\Documents and Settings\Ali\GoToAssist_phone__317_en.exe <Not Verified; Citrix Online; GoToAssist>
2008-05-12 18:06:26 0 d-------- C:\WINDOWS\system32\NtmsData
2008-05-12 16:14:23 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-05-10 22:17:03 0 d-------- C:\KAV
2008-05-06 18:57:40 0 d-------- C:\WINDOWS\Prefetch
2008-05-06 18:51:08 0 d-------- C:\WINDOWS\system32\scripting
2008-05-04 21:30:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-04 19:10:23 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-05-04 19:10:07 0 d-------- C:\WINDOWS\FSX Flight Weather Report
2008-05-04 16:38:05 0 d-------- C:\Program Files\Trend Micro
2008-05-04 16:26:52 0 d-------- C:\Documents and Settings\Ali\.SunDownloadManager
2008-05-03 22:02:19 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-05-03 22:02:18 0 d-------- C:\WINDOWS\system32\Lang
2008-05-01 21:28:36 0 d-------- C:\Program Files\Realtek AC97
2008-05-01 21:15:41 0 d-------- C:\Documents and Settings\Ali\.housecall6.6
2008-04-30 10:37:34 4456448 --a------ C:\Documents and Settings\Ali\ntuser.dat
2008-04-27 11:43:48 0 d-------- C:\WINDOWS\nview
2008-04-26 19:34:14 348160 --a------ C:\WINDOWS\system32\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine>
2008-04-26 19:34:14 81920 --a------ C:\WINDOWS\system32\eSellerateControl350.dll <Not Verified; eSellerate Inc.; eSellerate ActiveX Control>
2008-04-22 12:20:51 0 d-------- C:\WINDOWS\.mpr_file_store_32
2008-04-22 12:20:46 0 d-------- C:\Program Files\MoparScape
2008-04-22 12:07:14 0 d-------- C:\WINDOWS\.silabclient_store_32
2008-04-21 21:38:47 0 d-------- C:\WINDOWS\system32\VITrans
2008-04-21 21:38:45 111104 --a------ C:\WINDOWS\system32\Uharc.exe
2008-04-21 21:38:45 19968 --a------ C:\WINDOWS\system32\reico.exe <Not Verified; Dead Knight; >
2008-04-21 21:38:45 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - www.sysinternals.com; Systems Internals pkill>
2008-04-21 21:38:45 8636 --a------ C:\WINDOWS\system32\modifype.exe
2008-04-21 08:51:51 0 d-------- C:\Documents and Settings\Ali\Application Data\MySQL
2008-04-21 08:31:30 0 d-------- C:\Program Files\Microsoft Silverlight
2008-04-21 08:18:03 0 d-------- C:\Program Files\MySQL
2008-04-20 16:54:51 0 d-------- C:\Documents and Settings\Ali\Application Data\Hamachi
2008-04-16 18:50:24 0 d-------- C:\Program Files\EA GAMES
2008-04-16 18:34:40 0 d-------- C:\Fraps


-- Find3M Report ---------------------------------------------------------------

2008-05-15 20:00:34 0 d-------- C:\Program Files\Common Files
2008-05-14 17:26:36 0 d--h----- C:\Documents and Settings\Ali\Application Data\ijjigame
2008-05-14 15:41:46 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-07 19:15:09 0 d-------- C:\Program Files\Java
2008-05-06 18:51:24 0 d-------- C:\Program Files\Messenger
2008-05-06 18:51:05 0 d-------- C:\Program Files\Movie Maker
2008-05-06 18:48:57 0 d-------- C:\Program Files\Windows NT
2008-05-04 16:31:37 0 d-------- C:\Program Files\LimeWire
2008-05-03 19:44:30 0 d-------- C:\Documents and Settings\Ali\Application Data\LimeWire
2008-04-27 11:40:29 0 d-------- C:\Program Files\SystemRequirementsLab
2008-04-20 13:22:05 0 d-------- C:\Program Files\Lexmark X74-X75
2008-04-13 19:34:27 0 d-------- C:\Program Files\Microsoft Bootvis
2008-04-09 16:19:33 0 d-------- C:\Documents and Settings\Ali\Application Data\Adobe
2008-04-09 16:19:30 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-01 17:25:37 0 d-------- C:\Documents and Settings\Ali\Application Data\ESET
2008-04-01 16:56:57 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-31 14:45:53 0 d-------- C:\Documents and Settings\Ali\Application Data\SystemRequirementsLab
2008-03-25 07:22:43 0 d-------- C:\Documents and Settings\Ali\Application Data\Help
2008-03-19 19:37:11 0 d-------- C:\Program Files\Common Files\Motive
2008-02-28 16:18:07 4212 ---h---c- C:\WINDOWS\system32\zllictbl.dat
2008-02-19 22:10:10 1279 --a----c- C:\WINDOWS\mozver.dat
2008-02-18 13:26:10 315392 --a----c- C:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-02-17 23:02:43 845968 --a----c- C:\WINDOWS\system32\AI - Series.scr <Not Verified; Grooveware Multimedia; Screenweaver Shocked Edition>
2008-02-17 21:16:41 0 --a----c- C:\WINDOWS\nsreg.dat
2008-02-17 20:53:41 22 --a----c- C:\WINDOWS\FileName
2008-02-17 14:16:33 0 -rahs---- C:\MSDOS.SYS
2008-02-17 14:16:33 0 -rahs---- C:\IO.SYS
2008-02-17 14:16:33 0 --a------ C:\CONFIG.SYS
2008-02-17 14:14:28 21640 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-02-17 09:09:58 62 --ahs--c- C:\Documents and Settings\Ali\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [06/29/2004 10:06 AM C:\WINDOWS\AGRSMMSG.exe]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [10/14/2002 04:09 PM]
"Verizon Custom Uninstall Tracking"="C:\DOCUME~1\Ali\LOCALS~1\Temp\InstallHelper.exe" []
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM]
"SoundMan"="SOUNDMAN.EXE" [04/16/2007 03:28 PM C:\WINDOWS\soundman.exe]
"avast!"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [03/29/2008 02:37 PM]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [05/12/2008 09:20 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 05:42 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [8/8/2000 4:00:00 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"= scecli scecli scecli scecli scecli scecli scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-05-15 22:04:31 ------------




There was no Extra.txt


Thanks, off to bed. :thumbsup:


Mod Edit: Merged topic from Misplaced HJT Logs, "Unknown Dispruption In Performance" ~ TMacK

Edited by TMacK, 15 May 2008 - 11:51 PM.


#5 thewall

thewall

  • Malware Response Team
  • 6,425 posts
  • Gender:Male
  • Location:Florida

Posted 27 May 2008 - 04:58 PM

Hello iDukeHelp :thumbsup:


I apologize for the delay in response; we get overwhelmed at times, but we are trying our best to keep up.
If you have since resolved the original problem you were having, I would appreciate you letting us know. If not, please perform the following so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.


Go to Start > Run... and copy/paste the text below into the Run box:


"%userprofile%\desktop\dss.exe" /config



A window will open. Click on Check All, then click Scan!.

When it has finished, Deckard's System Scanner will open two Notepad files: main.txt and extra.txt. Please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply along with the scan from Spybot S&D.






Next
Please do an online scan with Kaspersky WebScanner

Click on Accept Button

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files.
  • Once the files have been downloaded, click on NEXT
  • Now click on Scan Settings
  • In the scan settings, make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available, otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now, under select a target to scan, select My Computer
  • The program will start and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, it will display if your system has been infected.
  • Now click on the Save as Text button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Thanks,

thewall
If I have helped you then please consider donating so I can continue the fight against malware
All donations go directly to the helper

Due to the large amount of backlogs we have I cannot respond to PMs for help unless I am already working with you



