Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Recieved a pm from a site claiming I was infected


  • This topic is locked This topic is locked
21 replies to this topic

#16 wavemaker

wavemaker
  • Topic Starter

  • Members
  • 283 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryborough Queensland Australia
  • Local time:10:56 AM

Posted 02 March 2010 - 04:24 AM

Gooday again. I have tried for half an hour to get this right but I think I have erred. Anyway here is what I got.


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "Everything" "Everything" "" "c:\program files\everything\everything.exe"
+ "ISTray" "PC Tools Tray Application" "PC Tools" "c:\program files\spyware doctor\pctstray.exe"
+ "Malwarebytes Anti-Malware (reboot)" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbam.exe"
+ "PCSuiteTrayApplication" "PC Suite" "Nokia" "c:\program files\nokia\nokia pc suite 6\launchapplication.exe"
+ "SoundMan" "Realtek Sound Manager" "Realtek Semiconductor Corp." "c:\windows\soundman.exe"
+ "SunJavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jusched.exe"
"C:\Users\james\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.1.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgpp.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG9 Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "SDContextExt" "Spyware Doctor Component" "PC Tools" "c:\program files\spyware doctor\sdcontextext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 6\phonebrowser.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG9 Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "SDContextExt" "Spyware Doctor Component" "PC Tools" "c:\program files\spyware doctor\sdcontextext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "Nokia Phone Browser" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 6\phonebrowser.dll"
+ "NvCpl DesktopContext Class" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NVIDIA Play On My TV Context Menu Extension" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "OpenOffice.org Column Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Infotip Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Property Sheet Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Thumbnail Viewer" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "PC Tools Browser Guard BHO" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "PC Tools Browser Guard" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\pctbrowserdefender.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\PvrScheduleTask" "" "" ""
+ "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "" "" ""
+ "\{6C40B7E0-DCF5-43A0-980A-87C1C7B9F6EE}" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "\{CF1BF8AC-991F-4BAB-A736-A56EC3654142}" "Autostart program viewer" "Sysinternals - www.sysinternals.com" "c:\users\james\desktop\autoruns\autorunsc.exe"
+ "\{E0E41804-9D7B-4E26-9A30-F872A5BC865F}" "Autostart program viewer" "Sysinternals - www.sysinternals.com" "c:\users\james\desktop\autoruns\autorunsc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "avg9emc" "AVG E-Mail Scanner" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgemc.exe"
+ "avg9wd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgwdsvc.exe"
+ "Browser Defender Update Service" "Browser Defender Update Service" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\bdtupdateservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "sdAuxService" "Provides auxiliary PC Tools Security services. If this service is disabled spyware protection will be reduced." "PC Tools" "c:\program files\spyware doctor\pctsauxs.exe"
+ "sdCoreService" "Provides spyware and malware protection for the system. If this service is disabled spyware protection will be disabled." "PC Tools" "c:\program files\spyware doctor\pctssvc.exe"
+ "ServiceLayer" "ServiceLayer Module" "Nokia." "c:\program files\pc connectivity solution\servicelayer.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "ALCXWDM" "Realtek AC'97 Audio Driver (WDM)" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvac.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AvgLdx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "AvgMfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "AvgTdiX" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\Users\james\AppData\Local\Temp\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"
+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 191.07 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvmpu401" "NVIDIA® nForce™ MPU401 Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvmpu401.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCTCore" "PC Tools KDS Core Driver" "PC Tools" "c:\windows\system32\drivers\pctcore.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASENUM" "SASENUM.SYS" " SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasenum.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "upperdev" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerflt.sys"
+ "UsbserFilt" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerfltj.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "" "" "c:\windows\system32\drivers\yk62x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\System32\avgrsstx.dll" "AVG Resident Shield Starter" "AVG Technologies CZ, s.r.o." "c:\windows\system32\avgrsstx.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "!SASWinLogon" "SUPERAntiSpyware WinLogon Processor" "SUPERAntiSpyware.com" "c:\program files\superantispyware\saswinlo.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_3" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_3.dll"
When The Going Gets Weird, The Weird Turn Pro. (H.S.T.)

BC AdBot (Login to Remove)

 


#17 wavemaker

wavemaker
  • Topic Starter

  • Members
  • 283 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryborough Queensland Australia
  • Local time:10:56 AM

Posted 02 March 2010 - 06:28 AM

Forgot to mention that at this point the machine appears to be running ok but slow start up is still an issue.
When The Going Gets Weird, The Weird Turn Pro. (H.S.T.)

#18 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 PM

Posted 02 March 2010 - 08:34 AM

Hi,

These are all the Non-Microsoft programs that start up each time your computer starts! blink.gif

No wonder you have a slow startup.

Re-open autoruns and uncheck the red entries. If you decide later that you like these programs to run at startup just open autoruns and re-check the entry.

QUOTE
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "Everything" "Everything" "" "c:\program files\everything\everything.exe"

+ "ISTray" "PC Tools Tray Application" "PC Tools" "c:\program files\spyware doctor\pctstray.exe"
+ "Malwarebytes Anti-Malware (reboot)" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbam.exe"
+ "PCSuiteTrayApplication" "PC Suite" "Nokia" "c:\program files\nokia\nokia pc suite 6\launchapplication.exe"
+ "SoundMan" "Realtek Sound Manager" "Realtek Semiconductor Corp." "c:\windows\soundman.exe"
+ "SunJavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jusched.exe"
"C:\Users\james\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OpenOffice.org 3.1.lnk" "" "" "c:\program files\openoffice.org 3\program\quickstart.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""

+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgpp.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG9 Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "SDContextExt" "Spyware Doctor Component" "PC Tools" "c:\program files\spyware doctor\sdcontextext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 6\phonebrowser.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""

+ "AVG9 Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "MBAMShlExt" "Malwarebytes' Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "SDContextExt" "Spyware Doctor Component" "PC Tools" "c:\program files\spyware doctor\sdcontextext32.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgse.dll"
+ "Nokia Phone Browser" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 6\phonebrowser.dll"
+ "NvCpl DesktopContext Class" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NVIDIA Play On My TV Context Menu Extension" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "OpenOffice.org Column Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Infotip Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Property Sheet Handler" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
+ "OpenOffice.org Thumbnail Viewer" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"

+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgssie.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "PC Tools Browser Guard BHO" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "PC Tools Browser Guard" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\pctbrowserdefender.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" "" "" ""
+ "\Microsoft\Windows\Media Center\PvrScheduleTask" "" "" ""
+ "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" "" "" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "" "" ""
+ "\{6C40B7E0-DCF5-43A0-980A-87C1C7B9F6EE}" "SUPERAntiSpyware Application" "SUPERAntiSpyware.com" "c:\program files\superantispyware\superantispyware.exe"
+ "\{CF1BF8AC-991F-4BAB-A736-A56EC3654142}" "Autostart program viewer" "Sysinternals - www.sysinternals.com" "c:\users\james\desktop\autoruns\autorunsc.exe"
+ "\{E0E41804-9D7B-4E26-9A30-F872A5BC865F}" "Autostart program viewer" "Sysinternals - www.sysinternals.com" "c:\users\james\desktop\autoruns\autorunsc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""

+ "avg9emc" "AVG E-Mail Scanner" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgemc.exe"
+ "avg9wd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg9\avgwdsvc.exe"
+ "Browser Defender Update Service" "Browser Defender Update Service" "Threat Expert Ltd." "c:\program files\spyware doctor\bdt\bdtupdateservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "sdAuxService" "Provides auxiliary PC Tools Security services. If this service is disabled spyware protection will be reduced." "PC Tools" "c:\program files\spyware doctor\pctsauxs.exe"
+ "sdCoreService" "Provides spyware and malware protection for the system. If this service is disabled spyware protection will be disabled." "PC Tools" "c:\program files\spyware doctor\pctssvc.exe"
+ "ServiceLayer" "ServiceLayer Module" "Nokia." "c:\program files\pc connectivity solution\servicelayer.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aic78xx" "Adaptec Ultra SCSI miniport" "Adaptec, Inc." "c:\windows\system32\drivers\djsvs.sys"
+ "ALCXWDM" "Realtek AC'97 Audio Driver (WDM)" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvac.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows family" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AvgLdx86" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx86.sys"
+ "AvgMfx86" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx86.sys"
+ "AvgTdiX" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdix.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbdx.sys"
+ "b57nd60x" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60x.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\Users\james\AppData\Local\Temp\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbdx.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7 for x86" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys"
+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 191.07 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvmpu401" "NVIDIA® nForce™ MPU401 Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvmpu401.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCTCore" "PC Tools KDS Core Driver" "PC Tools" "c:\windows\system32\drivers\pctcore.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASENUM" "SASENUM.SYS" " SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasenum.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "upperdev" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerflt.sys"
+ "UsbserFilt" "Filter Driver for the Toaster Stack" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\usbser_lowerfltj.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "" "" "c:\windows\system32\drivers\yk62x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\Windows\System32\avgrsstx.dll" "AVG Resident Shield Starter" "AVG Technologies CZ, s.r.o." "c:\windows\system32\avgrsstx.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "!SASWinLogon" "SUPERAntiSpyware WinLogon Processor" "SUPERAntiSpyware.com" "c:\program files\superantispyware\saswinlo.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_3" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_3.dll"


Also....

If you only use SAS and MBAM on demand then you can uncheck the autostart entries. I also see that PC-Tools is hard at work. Overkill as far as I am concerned. You need one antivirus program and one antispyware program. Uninstall the rest!

Reboot.

How is it running now?
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#19 wavemaker

wavemaker
  • Topic Starter

  • Members
  • 283 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryborough Queensland Australia
  • Local time:10:56 AM

Posted 03 March 2010 - 04:35 AM

Thanks again for the help thcbytes. I have removed all of the spyware tools and the only thing I have now is Malware bytes, AVG Free and microsoft security essentials..The start up is now around what it used to be. However I am still having a problem with opening stuff. I have the mouse set to single click. Some times when I click on an icon, Firefox say, it will either not open or take an inordinate amount of time to do so. I know there are things one can do to speed up Firefox but generally speaking I am happy with it out of the box. Same applies with Open Office. I know how to speed it up but when it just doesn't open when I click is telling me something is awry. So, whilst generally happy I am unsure as to whether all is good with the machine. I'll run it for a while and see how it goes.

Apropos of nothing mentioned here, have you seen this error before and are you aware of a fix?. I have around 19 instances of it in my event viewer. Critical 27-Feb-10 9:56:53 AM Kernel-Power 41 (63)
It usually happens not long after start up. Once again many thanks, I owe you one.
When The Going Gets Weird, The Weird Turn Pro. (H.S.T.)

#20 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 PM

Posted 03 March 2010 - 10:30 AM

Your computer is clean of Malware. In regards to the other issues I would post a request for assistance in the Windows 7 Forum. thumbup2.gif
http://www.bleepingcomputer.com/forums/f/167/windows-7/

Kind regards,
~ t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#21 wavemaker

wavemaker
  • Topic Starter

  • Members
  • 283 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maryborough Queensland Australia
  • Local time:10:56 AM

Posted 05 March 2010 - 03:38 AM

Many thanks. James.
When The Going Gets Weird, The Weird Turn Pro. (H.S.T.)

#22 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 PM

Posted 05 March 2010 - 01:20 PM

Your welcome. thumbup2.gif

Since this topic appears to be resolved, I will now close it.
If you need this topic re-opened please send me a PM.

Everyone else, please start a new topic.

Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users