I got some kind of virus on my PC this morning. The task manager button is greyed out, both when I hit ctrl-alt-del and also if I right-click the empty task bar area at the bottom of the screen. There is a pop-up about every minute from an icon on the bottom right of my screen saying I have spyware, and if I click on it, it tries to sell me software. It also added an "internet speed monitor" program, but I think I was able to delete that through add/remove programs. Here's my DSS report:
Deckard's System Scanner v20071014.68
Run by Kevin Butler on 2008-05-11 18:29:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Kevin Butler.exe) ----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:30:20 PM, on 5/11/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINNT\b2new.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\wmsdkns.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\SnapStream Media\Firefly\Firefly.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\Program Files\QdrModule\QdrModule15.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINNT\system32\wuauclt.exe
C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe
C:\Documents and Settings\Kevin Butler\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kevin Butler.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,C:\WINNT\system32\wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: StFlex IE Helper - {8334A30C-49E5-489a-B63D-5B927C1EF46E} - C:\Program Files\QdrDrive\QdrDrive15.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {A350914C-78B2-4012-AF9A-824333363C99} - C:\WINNT\system32\urqNDWNH.dll
O2 - BHO: (no name) - {C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8} - C:\WINNT\system32\iifgGYop.dll
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O2 - BHO: Microsoft copyright - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - sockins32.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Firefly] C:\Program Files\SnapStream Media\Firefly\Firefly.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [QdrModule15] "C:\Program Files\QdrModule\QdrModule15.exe"
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Beyond TV.lnk = ?
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.apple.com.edgesuite....eInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1210551073299
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O20 - Winlogon Notify: iifgGYop - C:\WINNT\SYSTEM32\iifgGYop.dll
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINNT\b2new.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\SNAPST~1\Common\x10nets.exe
--
End of file - 8128 bytes
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 cmosa - c:\winnt\system32\drivers\cmosa.sys <Not Verified; Dell Computer Corporation.; Dell® OpenManage Client Instrumentation>
R2 tcaicchg - c:\winnt\system32\tcaicchg.sys <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic/Configuration>
R2 TCAITDI (TCAITDI Protocol) - c:\winnt\system32\drivers\tcaitdi.sys <Not Verified; 3Com Corporation; 3Com Windows NT NIC Diagnostic TDI Driver>
R3 hcwPP2 (Hauppauge WinTV PVR PCI II ([23|25|26]xxx)) - c:\winnt\system32\drivers\hcwpp2.sys <Not Verified; Hauppauge Computer Works, Inc.; WinTV>
R3 WinDriver6 - c:\winnt\system32\drivers\windrvr6.sys <Not Verified; Jungo; WinDriver Device Driver>
R3 X10UIF (%DESCRIPTION%) - c:\winnt\system32\drivers\x10uif.sys <Not Verified; X10 Wireless Technology, Inc.; X10 USB Control Interface>
S3 CA504AV (Mega Camera, WDM Video Capture) - c:\winnt\system32\drivers\ca504av.sys <Not Verified; Digital Camera.; Digital Camera Driver>
S3 DLPortIO (DriverLINX Port I/O Driver) - c:\winnt\system32\drivers\dlportio.sys
S3 Sunplus (Mega Camera Still Image Capture, Sunplus Version 1.00) - c:\winnt\system32\drivers\bulk504.sys <Not Verified; Sunplus; Bulk IO Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 MsSecurity1.209.4 (MsSecurity Updated) - c:\winnt\b2new.exe service
R3 x10nets (X10 Device Network Service) - c:\progra~1\common~1\snapst~1\common\x10nets.exe <Not Verified; X10; x10 Module>
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\MGMT180\2&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPI\MGMT180\2&DABA3FF&0
Service:
-- Scheduled Tasks -------------------------------------------------------------
2006-09-04 17:20:39 426 --a------ C:\WINNT\Tasks\Symantec NetDetect.job
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 18:30:08 0 d-------- C:\Program Files\Trend Micro
2008-05-11 18:26:16 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_658.dat
2008-05-11 18:18:36 0 d-------- C:\WINNT\system32\BITS
2008-05-11 18:05:19 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-11 18:05:10 0 d-------- C:\Program Files\SpywareBlaster
2008-05-11 16:29:10 0 d-------- C:\Program Files\Panda Security
2008-05-11 15:02:17 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_27c.dat
2008-05-11 14:52:15 2822 --a------ C:\WINNT\system32\tmp.reg
2008-05-11 14:28:25 0 d-------- C:\Program Files\SmitfraudFix <SMITFR~1>
2008-05-11 14:25:20 1390255 --a------ C:\Program Files\SmitfraudFix.exe
2008-05-11 14:19:11 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_284.dat
2008-05-11 10:47:21 21504 --a------ C:\WINNT\stcloader.exe
2008-05-11 10:47:19 13568 --a------ C:\WINNT\voiceip.dll
2008-05-11 10:47:19 31232 --a------ C:\WINNT\swin32.dll
2008-05-11 10:47:18 18432 --a------ C:\WINNT\cdsm32.dll
2008-05-11 10:47:18 25856 --a------ C:\WINNT\bokja.exe
2008-05-11 10:47:17 29440 --a------ C:\WINNT\mssvr.exe
2008-05-11 10:47:16 24064 --a------ C:\WINNT\mspphe.dll
2008-05-11 10:47:16 27136 --a------ C:\WINNT\bjam.dll
2008-05-11 10:47:15 22016 --a------ C:\WINNT\2020search2.dll
2008-05-11 10:47:14 22016 --a------ C:\WINNT\2020search.dll
2008-05-11 10:47:07 13824 --a------ C:\WINNT\saiemod.dll
2008-05-11 10:47:06 26368 --a------ C:\WINNT\msapasrc.dll
2008-05-11 10:47:06 25600 --a------ C:\WINNT\msa64chk.dll
2008-05-11 10:47:04 14848 --a------ C:\WINNT\shdocpl.dll
2008-05-11 10:47:03 12544 --a------ C:\WINNT\shdocpe.dll
2008-05-11 10:47:03 22016 --a------ C:\WINNT\ntnut.exe
2008-05-11 10:47:02 15616 --a------ C:\WINNT\winsb.dll
2008-05-11 10:47:02 31744 --a------ C:\WINNT\browserad.dll
2008-05-11 10:47:01 31744 --a------ C:\WINNT\aviwrap32.dll
2008-05-11 10:47:00 10752 --a------ C:\WINNT\avisynthex32.dll
2008-05-11 10:47:00 11008 --a------ C:\WINNT\avifile32.dll
2008-05-11 10:47:00 25600 --a------ C:\WINNT\autodisc32.dll
2008-05-11 10:46:59 11264 --a------ C:\WINNT\audiosrv32.dll
2008-05-11 10:46:59 24320 --a------ C:\WINNT\ati2dvag32.dll
2008-05-11 10:46:59 9216 --a------ C:\WINNT\ati2dvaa32.dll
2008-05-11 10:46:58 21248 --a------ C:\WINNT\athprxy32.dll
2008-05-11 10:46:58 25344 --a------ C:\WINNT\asycfilt32.dll
2008-05-11 10:46:57 16384 --a------ C:\WINNT\asferror32.dll
2008-05-11 10:46:57 30720 --a------ C:\WINNT\apphelp32.dll
2008-05-11 10:46:56 24832 --a------ C:\WINNT\changeurl_30.dll
2008-05-11 09:41:15 8069 --ahs---- C:\WINNT\system32\HNWDNqru.ini2
2008-05-11 09:41:10 316464 --a------ C:\WINNT\system32\urqNDWNH.dll
2008-05-11 09:37:46 41724 ---hs---- C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
2008-05-11 09:36:13 0 d-------- C:\WINNT\system32\dFrnx06
2008-05-11 09:36:13 0 d-------- C:\Temp
2008-05-11 09:35:59 25728 --a------ C:\WINNT\system32\iifgGYop.dll
2008-05-11 09:35:56 0 d-------- C:\Program Files\QdrModule
2008-05-11 09:35:55 0 d-------- C:\Program Files\QdrDrive
2008-05-11 09:35:55 0 d-------- C:\Program Files\ISM
2008-05-11 09:35:21 0 d-------- C:\Documents and Settings\Default User\Application Data\Macromedia
2008-05-11 09:35:09 91563 --a------ C:\WINNT\system32\wmsdkns.exe <Not Verified; Microsoft; XML Media>
2008-05-11 09:35:09 91563 --a------ C:\WINNT\lfn.exe <Not Verified; Microsoft; XML Media>
2008-05-11 09:34:55 25600 --a------ C:\WINNT\b2new.exe
2008-05-09 12:10:08 187904 ---hs---- C:\Program Files\Common Files\Yazzle1552OinAdmin.exe
2008-05-09 11:10:10 229514 --a------ C:\WINNT\system32\000080.exe
2008-05-03 10:48:00 270709 --a------ C:\WINNT\system32\000060.exe
2008-05-01 17:52:43 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_28c.dat
-- Find3M Report ---------------------------------------------------------------
2008-05-11 09:37:46 0 d-a------ C:\Program Files\Common Files
2008-04-01 20:02:39 0 d-------- C:\Program Files\Ahead
2008-04-01 19:58:25 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-01 19:46:36 830293 --a------ C:\WINNT\hpdvd840b_HJ86.exe
2008-02-22 21:59:32 50 --a------ C:\tmp.bat
2008-02-20 20:27:35 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_5c4.dat
2008-02-20 20:11:28 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_e4.dat
2008-02-16 10:47:40 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_540.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8334A30C-49E5-489a-B63D-5B927C1EF46E}]
04/03/08 02:05p 147456 --a------ C:\Program Files\QdrDrive\QdrDrive15.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A350914C-78B2-4012-AF9A-824333363C99}]
05/11/08 09:41a 316464 --a------ C:\WINNT\system32\urqNDWNH.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}]
05/11/08 09:36a 25728 --a------ C:\WINNT\system32\iifgGYop.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"="mobsync.exe" [06/19/03 01:05p C:\WINNT\system32\mobsync.exe]
"NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [07/15/04 11:42a]
"TCASUTIEXE"="TCAUDIAG -off" []
"nwiz"="nwiz.exe" [07/15/04 11:42a C:\WINNT\system32\nwiz.exe]
"NvMediaCenter"="C:\WINNT\System32\NvMcTray.dll" [07/15/04 11:42a]
"Firefly"="C:\Program Files\SnapStream Media\Firefly\Firefly.exe" [08/18/04 01:07p]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [03/29/08 11:37a]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/06/06 06:08p]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/07 02:11a]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/07 08:51p]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/07 05:05p]
"NeroFilterCheck"="C:\WINNT\system32\NeroCheck.exe" [07/09/01 11:50a]
"DVDTray"="C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe" [09/03/04 02:58a]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [03/01/07 10:37a]
"QdrModule15"="C:\Program Files\QdrModule\QdrModule15.exe" [04/25/08 12:23p]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C7BBC1FA-E415-4926-9A47-9AB58D0B3BC8}"= C:\WINNT\system32\iifgGYop.dll [05/11/08 09:36a 25728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebProxy"= {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINNT\system32\userinit.exe,C:\WINNT\system32\wmsdkns.exe,"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgGYop]
iifgGYop.dll 05/11/08 09:36a 25728 C:\WINNT\system32\iifgGYop.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=NVDESK32.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINNT\system32\urqNDWNH
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{66186F05-BBBB-4a39-864F-72D84615C679}]
rundll32 sockins32.dll,InitModule
-- End of Deckard's System Scanner: finished at 2008-05-11 18:31:36 ------------