Deckard's System Scanner v20070809.63
Run by mBarry on 2007-08-19 at 13:22:05
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Failed to create restore point; System Restore is disabled (service is not running).
-- Last 5 Restore Point(s) --
9: 2007-08-19 10:23:20 UTC - RP931 - System Checkpoint
8: 2007-08-18 09:23:21 UTC - RP930 - System Checkpoint
7: 2007-08-17 08:32:15 UTC - RP929 - System Checkpoint
6: 2007-08-16 07:44:11 UTC - RP928 - System Checkpoint
5: 2007-08-12 17:32:47 UTC - RP927 - System Checkpoint
-- First Restore Point --
1: 2007-08-08 14:55:40 UTC - RP923 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Percentage of Memory in Use: 77% (more than 75%).
Total Physical Memory: 127 MiB (512 MiB recommended).
System Drive C: has 0.2 GiB (less than 15%) free.
-- HijackThis (run as mBarry.exe) ----------------------------------------------
HijackThis failed to provide a log after three minutes; running clone instead.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-08-19 13:27:33
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\NAVAPSVC.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMNTOR.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\mBarry\Local Settings\Temporary Internet Files\Content.IE5\PKNZ2L1V\dss[1].exe
C:\Documents and Settings\mBarry\My Documents\hijack this\mBarry.exe
C:\Program Files\SpywareBlaster\spywareblaster.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31A9EA55-D059-49ce-84FD-0EE27B63E2F0} - C:\WINDOWS\system32\morissh.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: H - {7D699C05-99F4-4f95-A6D0-F2FD7D9714F2} - cunamei.dll (file missing)
O2 - BHO: HttpGuard - {98B822AD-6BE7-49BC-B773-97240B774080} - C:\WINDOWS\system32\AClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NAVSHEXT.DLL
O4 - HKEY_LOCAL_MACHINE\..\Run: [DrWeb Antivirus] DRWEBAV.EXE
O4 - HKEY_LOCAL_MACHINE\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKEY_LOCAL_MACHINE\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKEY_LOCAL_MACHINE\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKEY_LOCAL_MACHINE\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKEY_LOCAL_MACHINE\..\Run: [mssrv32] c:\windows\system32\mssrv32.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra 'Tools' menuitem: (no name) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra 'Tools' menuitem: (no name) - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O15 - Trusted Zone: https://jayloden.com (HKCU)
O15 - Trusted IP Range: 88.80.5.21 (HKCU)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub...irector/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} () - http://www.drivecleaner.com/.freewar...eanerstart.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...tent/opuc2.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/v...fo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downl...ameManager.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
-- HijackThis Fixed Entries (C:\DOCUME~1\mBarry\MYDOCU~1\HIJACK~1\backups\) ----
backup-20060904-150720-115 O4 - HKCU\..\Run: [oozq] C:\PROGRA~1\COMMON~1\oozq\oozqm.exe
backup-20060911-154705-114 R3 - Default URLSearchHook is missing
backup-20060911-154705-143 O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
backup-20060911-154705-168 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
backup-20060911-154705-198 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
backup-20060911-154705-530 O4 - Global Startup: MSWin.exe
backup-20060911-154705-598 O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c9.cab
backup-20060911-154705-776 O4 - HKCU\..\Run: [LB47RVi5O] cmpns.exe
backup-20060911-154705-783 O4 - HKLM\..\Run: [4snX39O] autosts32.exe
backup-20060911-154705-803 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
backup-20060911-154705-835 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
backup-20060911-154705-977 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
S3 CO_Mon - c:\windows\system32\drivers\co_mon.sys
S3 TIAcxubt (D-Link WLAN USB Boot Device) - c:\windows\system32\drivers\tiacxubt.sys (file missing)
S3 TIACXUSB (D-Link AirPlus DWL-120+ Wireless USB Adapter) - c:\windows\system32\drivers\tiacxusb.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-19 12:00:00 350 --a------ C:\WINDOWS\Tasks\At61.job
2007-08-19 12:00:00 350 --a------ C:\WINDOWS\Tasks\At37.job
2007-08-19 12:00:00 350 --a------ C:\WINDOWS\Tasks\At13.job
2007-08-19 11:00:00 350 --a------ C:\WINDOWS\Tasks\At60.job
2007-08-19 11:00:00 350 --a------ C:\WINDOWS\Tasks\At36.job
2007-08-19 11:00:00 350 --a------ C:\WINDOWS\Tasks\At12.job
2007-08-19 10:00:00 350 --a------ C:\WINDOWS\Tasks\At59.job
2007-08-19 10:00:00 350 --a------ C:\WINDOWS\Tasks\At35.job
2007-08-19 10:00:00 350 --a------ C:\WINDOWS\Tasks\At11.job
2007-08-19 09:00:00 350 --a------ C:\WINDOWS\Tasks\At58.job
2007-08-19 09:00:00 350 --a------ C:\WINDOWS\Tasks\At34.job
2007-08-19 09:00:00 350 --a------ C:\WINDOWS\Tasks\At10.job
2007-08-19 08:00:00 350 --a------ C:\WINDOWS\Tasks\At9.job
2007-08-19 08:00:00 350 --a------ C:\WINDOWS\Tasks\At57.job
2007-08-19 08:00:00 350 --a------ C:\WINDOWS\Tasks\At33.job
2007-08-19 07:00:00 350 --a------ C:\WINDOWS\Tasks\At8.job
2007-08-19 07:00:00 350 --a------ C:\WINDOWS\Tasks\At56.job
2007-08-19 07:00:00 350 --a------ C:\WINDOWS\Tasks\At32.job
2007-08-19 06:00:00 350 --a------ C:\WINDOWS\Tasks\At7.job
2007-08-19 06:00:00 350 --a------ C:\WINDOWS\Tasks\At55.job
2007-08-19 06:00:00 350 --a------ C:\WINDOWS\Tasks\At31.job
2007-08-19 05:00:00 350 --a------ C:\WINDOWS\Tasks\At6.job
2007-08-19 05:00:00 350 --a------ C:\WINDOWS\Tasks\At54.job
2007-08-19 05:00:00 350 --a------ C:\WINDOWS\Tasks\At30.job
2007-08-19 04:00:00 350 --a------ C:\WINDOWS\Tasks\At53.job
2007-08-19 04:00:00 350 --a------ C:\WINDOWS\Tasks\At5.job
2007-08-19 04:00:00 350 --a------ C:\WINDOWS\Tasks\At29.job
2007-08-19 03:00:00 350 --a------ C:\WINDOWS\Tasks\At52.job
2007-08-19 03:00:00 350 --a------ C:\WINDOWS\Tasks\At4.job
2007-08-19 03:00:00 350 --a------ C:\WINDOWS\Tasks\At28.job
2007-08-19 02:00:00 350 --a------ C:\WINDOWS\Tasks\At51.job
2007-08-19 02:00:00 350 --a------ C:\WINDOWS\Tasks\At3.job
2007-08-19 02:00:00 350 --a------ C:\WINDOWS\Tasks\At27.job
2007-08-19 01:00:00 350 --a------ C:\WINDOWS\Tasks\At50.job
2007-08-19 01:00:00 350 --a------ C:\WINDOWS\Tasks\At26.job
2007-08-19 01:00:00 350 --a------ C:\WINDOWS\Tasks\At2.job
2007-08-19 00:00:00 350 --a------ C:\WINDOWS\Tasks\At49.job
2007-08-19 00:00:00 350 --a------ C:\WINDOWS\Tasks\At25.job
2007-08-19 00:00:00 350 --a------ C:\WINDOWS\Tasks\At1.job
2007-08-18 23:00:00 350 --a------ C:\WINDOWS\Tasks\At72.job
2007-08-18 23:00:00 350 --a------ C:\WINDOWS\Tasks\At48.job
2007-08-18 23:00:00 350 --a------ C:\WINDOWS\Tasks\At24.job
2007-08-18 22:00:00 350 --a------ C:\WINDOWS\Tasks\At71.job
2007-08-18 22:00:00 350 --a------ C:\WINDOWS\Tasks\At47.job
2007-08-18 22:00:00 350 --a------ C:\WINDOWS\Tasks\At23.job
2007-08-18 21:00:00 350 --a------ C:\WINDOWS\Tasks\At70.job
2007-08-18 21:00:00 350 --a------ C:\WINDOWS\Tasks\At46.job
2007-08-18 21:00:00 350 --a------ C:\WINDOWS\Tasks\At22.job
2007-08-18 20:00:00 350 --a------ C:\WINDOWS\Tasks\At69.job
2007-08-18 20:00:00 350 --a------ C:\WINDOWS\Tasks\At45.job
2007-08-18 20:00:00 350 --a------ C:\WINDOWS\Tasks\At21.job
2007-08-18 19:00:00 350 --a------ C:\WINDOWS\Tasks\At68.job
2007-08-18 19:00:00 350 --a------ C:\WINDOWS\Tasks\At44.job
2007-08-18 19:00:00 350 --a------ C:\WINDOWS\Tasks\At20.job
2007-08-18 18:00:00 350 --a------ C:\WINDOWS\Tasks\At67.job
2007-08-18 18:00:00 350 --a------ C:\WINDOWS\Tasks\At43.job
2007-08-18 18:00:00 350 --a------ C:\WINDOWS\Tasks\At19.job
2007-08-18 17:00:00 350 --a------ C:\WINDOWS\Tasks\At66.job
2007-08-18 17:00:00 350 --a------ C:\WINDOWS\Tasks\At42.job
2007-08-18 17:00:00 350 --a------ C:\WINDOWS\Tasks\At18.job
2007-08-18 16:00:00 350 --a------ C:\WINDOWS\Tasks\At65.job
2007-08-18 16:00:00 350 --a------ C:\WINDOWS\Tasks\At41.job
2007-08-18 16:00:00 350 --a------ C:\WINDOWS\Tasks\At17.job
2007-08-18 15:00:00 350 --a------ C:\WINDOWS\Tasks\At64.job
2007-08-18 15:00:00 350 --a------ C:\WINDOWS\Tasks\At40.job
2007-08-18 15:00:00 350 --a------ C:\WINDOWS\Tasks\At16.job
2007-08-18 14:00:00 350 --a------ C:\WINDOWS\Tasks\At63.job
2007-08-18 14:00:00 350 --a------ C:\WINDOWS\Tasks\At39.job
2007-08-18 14:00:00 350 --a------ C:\WINDOWS\Tasks\At15.job
2007-08-18 13:00:00 350 --a------ C:\WINDOWS\Tasks\At62.job
2007-08-18 13:00:00 350 --a------ C:\WINDOWS\Tasks\At38.job
2007-08-18 13:00:00 350 --a------ C:\WINDOWS\Tasks\At14.job
2007-08-17 20:00:00 532 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - mBarry.job
2007-08-13 16:49:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-07-19 and 2007-08-19 -----------------------------
2007-08-19 13:19:55 21312 --a------ C:\WINDOWS\choice.exe
2007-08-19 13:03:37 0 d-------- C:\Program Files\SpywareBlaster
2007-08-19 12:52:14 0 d------c- C:\ie-spyad
2007-08-16 13:41:12 15999 --a------ C:\WINDOWS\system32\mssrv32.exe
2007-08-16 00:12:58 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-08-16 00:10:59 18944 --a------ C:\WINDOWS\system32\morissh.dll
2007-08-14 03:53:52 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-07 13:01:22 0 dr-h----- C:\Documents and Settings\mBarry\Recent
2007-08-01 20:51:24 419328 --a------ C:\WINDOWS\system32\AClient.dll
2007-08-01 20:51:15 416256 --a------ C:\WINDOWS\installer.exe
2007-08-01 03:53:35 0 d-------- C:\Documents and Settings\mBarry\Application Data\Grisoft
2007-08-01 01:46:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-20 01:54:23 1 --a------ C:\WINDOWS\system32\boa.dat
2007-07-20 01:54:21 1 --a------ C:\WINDOWS\system32\ps.dat
2007-07-20 01:54:21 1 --a------ C:\WINDOWS\system32\cookie.dat
2007-07-20 01:45:32 49152 --a------ C:\WINDOWS\system32\cunamei.dll <Not Verified; ; Helper Module>
-- Find3M Report ---------------------------------------------------------------
2007-08-19 12:33:23 0 d-------- C:\Program Files\Common Files
2007-08-15 12:29:43 0 d-------- C:\Program Files\Norton AntiVirus
2007-08-15 12:22:38 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-15 12:19:38 0 d-------- C:\Program Files\AIM
2007-08-01 20:49:45 0 d-------- C:\Program Files\Napster
2007-07-15 21:04:20 0 d-------- C:\Program Files\Bodog Poker
2007-07-15 21:01:29 0 d-------- C:\Program Files\PacificPoker
2007-07-15 11:11:55 0 d-------- C:\Program Files\Common Files\Real
2007-07-15 11:10:54 0 d-------- C:\Documents and Settings\mBarry\Application Data\Real
2007-07-13 03:29:07 18944 --a------ C:\WINDOWS\system32\geyrr.dll
2007-07-12 16:42:05 0 d-------- C:\Program Files\LimeWire
2007-07-05 12

58 0 d-------- C:\Program Files\SymNetDrv
2007-06-20 02:37:13 42496 --a------ C:\WINDOWS\system32\systray32s.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows(R) Operating System>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31A9EA55-D059-49ce-84FD-0EE27B63E2F0}]
08/16/2007 12:10 AM 18944 --a------ C:\WINDOWS\system32\morissh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7D699C05-99F4-4f95-A6D0-F2FD7D9714F2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98B822AD-6BE7-49BC-B773-97240B774080}]
08/13/2007 01:08 PM 419328 --a------ C:\WINDOWS\system32\AClient.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DrWeb Antivirus"="DRWEBAV.EXE" []
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [08/15/2007 11:46 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [10/25/2006 07:58 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/30/2006 10:36 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/13/2004 04:49 PM]
"DeadAIM"="C:\Program Files\AIM\\DeadAIM.ocm" [02/10/2005 11:25 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [04/13/2006 02:20 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"mssrv32"="c:\windows\system32\mssrv32.exe" [08/16/2007 01:40 PM]
"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZESOFT"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44AA3114-D221-43EC-1C32-1EAC52A2014D}]
C:\WINDOWS\system32\msnvl.exe
-- End of Deckard's System Scanner: finished at 2007-08-19 at 13:33:30 ---------
My computer gets overloaded with spyware and such as soon as I turn it on, and it eventually gets too overloaded and a blue screen pops up and it restarts. Any help would be super. I have my DSS logs and my pandascan log; I attached it on like the extra log.