Thread: computer running slow, problem with Rundll32.exe
View Single Post
Old 07-31-2008, 02:20 AM   #1 (permalink)
zeromonkeyx
Registered User
 
Join Date: Feb 2008
Posts: 26
OS: xp


computer running slow, problem with Rundll32.exe
Hi, my computer has recently been slow, I believe that the problem has to do something with the Rundll32.exe. I used Spybot to detect the spyware, and I tried to fix it, but it keeps coming back up. On Spybot it shows on the system startup Value: BM436fe0ec and command line: Rundll32.exe "C:/WINDOWS/system32/peuxtapq.dll",s. hopefully this can be some help.

Here is the DSS.
Sorry but I couldn't find any extra.txt in my folder.

Deckard's System Scanner v20071014.68
Run by ryanho on 2008-07-31 01:17:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as ryanho.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:17:27 AM, on 7/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\ryanho.RYAN\Desktop\dss(2).exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\ryanho.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.blizzard.com/register/war3x/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {10702DEC-552A-49FB-BCCC-B5BFB7DD8784} - C:\WINDOWS\system32\rqRHxyyW.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {6CF8E9EA-60A9-4BCB-AF88-5EDD42C34C79} - (no file)
O2 - BHO: (no name) - {6FF22309-A6ED-462B-ABEC-877625C012F3} - C:\WINDOWS\system32\rqRKCVLe.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [UserFaultCheck] C:\WINDOWS\system32\dumprep 0 -u
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [EPSON Stylus C88 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE" /P23 "EPSON Stylus C88 Series" /O6 "USB001" /M "Stylus C88"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BM436fe0ec] Rundll32.exe "C:\WINDOWS\system32\peuxtapq.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA7368] command /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC750] cmd /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\RunOnce: [SpybotDeletingB5143] command /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7988] cmd /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: MEMonitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1209697550718
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} - http://www.playwhat.com/solidPlugin/solidstateion.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} - http://gamedownload.ijjimax.com/game...Plugin9USA.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD46FBB-00B6-463D-8202-199682932A46}: NameServer = 192.168.1.1,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{86AEE903-CED0-4BBA-9AC4-FFCB5B050BBA}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0DD46FBB-00B6-463D-8202-199682932A46}: NameServer = 192.168.1.1,4.2.2.2
O20 - Winlogon Notify: rqRKCVLe - C:\WINDOWS\SYSTEM32\rqRKCVLe.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Print Spooler Service (ep1eiv1f7z) - Unknown owner - C:\WINDOWS\system32\y.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spooler Subsystem App (Splr_Service) - Unknown owner - C:\WINDOWS\Help\spoolsv.exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 11432 bytes

-- Files created between 2008-06-30 and 2008-07-31 -----------------------------

2008-07-30 23:29:16 0 d-------- C:\Program Files\SpywareBlaster
2008-07-30 21:46:40 95744 --a------ C:\WINDOWS\system32\ymaxez.dll
2008-07-30 21:46:39 95744 --a------ C:\WINDOWS\system32\hnbntspi.dll
2008-07-30 21:43:40 81408 --a------ C:\WINDOWS\system32\qbusuhdv.dll
2008-07-30 21:40:25 118784 --a------ C:\WINDOWS\system32\sgvbfrov.dll
2008-07-30 21:38:54 118784 --a------ C:\WINDOWS\system32\jikadfrs.dll
2008-07-30 21:33:05 118784 --a------ C:\WINDOWS\system32\nfeyogml.dll
2008-07-30 21:32:39 118784 --a------ C:\WINDOWS\system32\wbtitenv.dll
2008-07-30 21:32:20 118784 --a------ C:\WINDOWS\system32\iaalalef.dll
2008-07-30 21:32:00 118784 --a------ C:\WINDOWS\system32\mufcfawq.dll
2008-07-30 21:31:32 118784 --a------ C:\WINDOWS\system32\kjixvvjd.dll
2008-07-30 21:28:46 95744 --a------ C:\WINDOWS\system32\xkzmuk.dll
2008-07-30 21:28:45 95744 --a------ C:\WINDOWS\system32\yxlebubx.dll
2008-07-30 21:28:24 118784 --a------ C:\WINDOWS\system32\kwrabulh.dll
2008-07-30 21:28:05 118784 --a------ C:\WINDOWS\system32\emmaahqu.dll
2008-07-30 21:27:15 118784 --a------ C:\WINDOWS\system32\msjrbguk.dll
2008-07-30 21:25:11 89600 --a------ C:\WINDOWS\system32\mrltyjmw.dll
2008-07-30 21:24:15 145385 --ahs---- C:\WINDOWS\system32\WyyxHRqr.ini2
2008-07-30 21:24:05 247808 --a------ C:\WINDOWS\system32\rqRHxyyW.dll
2008-07-30 21:19:46 0 d-------- C:\WINDOWS\system32\371186
2008-07-30 21:19:09 33792 --a------ C:\WINDOWS\system32\winwea32.dll
2008-07-30 21:18:57 35328 --a------ C:\WINDOWS\system32\rqRKCVLe.dll
2008-07-30 21:18:57 35328 --a------ C:\WINDOWS\system32\hgGYonmk.dll
2008-07-23 12:50:59 0 dr-h----- C:\Documents and Settings\ryanho.RYAN\Recent
2008-07-08 04:26:45 21790 --a------ C:\WINDOWS\system2420172.exe
2008-07-08 04:26:40 18720 --a------ C:\WINDOWS\system32\google.exe
2008-07-02 20:50:59 23 --a------ C:\Documents and Settings\ryanho.RYAN\jagex_runescape_preferences.dat


-- Find3M Report ---------------------------------------------------------------

2008-07-30 21:02:34 0 d-------- C:\Program Files\Steam
2008-07-30 20:23:29 0 d-------- C:\Program Files\World of Warcraft
2008-07-28 23:47:21 0 d-------- C:\Program Files\Warcraft III
2008-07-26 19:40:19 0 d-------- C:\Documents and Settings\ryanho.RYAN\Application Data\LimeWire
2008-07-23 11:33:24 0 d-------- C:\Documents and Settings\ryanho.RYAN\Application Data\Azureus
2008-07-21 20:18:18 0 d-------- C:\Program Files\LimeWire
2008-07-18 15:19:09 0 d-------- C:\Program Files\VideoLAN
2008-07-18 12:10:22 0 d-------- C:\Program Files\Last.fm
2008-07-08 20:55:18 69751 --a------ C:\WINDOWS\War3Unin.dat
2008-06-30 12:03:57 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-06-29 17:03:04 0 d-------- C:\Program Files\ATI Technologies
2008-06-23 00:10:55 0 d-------- C:\Program Files\Curse
2008-06-22 12:20:25 0 d-------- C:\Program Files\Common Files
2008-06-21 21:05:56 0 d--h----- C:\Documents and Settings\ryanho.RYAN\Application Data\ijjigame
2008-06-17 23:32:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-15 11:38:04 0 d-------- C:\Program Files\LG Electronics
2008-06-15 11:37:46 0 d-------- C:\Program Files\Verizon Wireless
2008-06-05 15:38:22 0 d-------- C:\Program Files\AIM Music Link
2008-06-04 21:59:03 0 d-------- C:\Documents and Settings\ryanho.RYAN\Application Data\IGN_DLM
2008-06-04 21:00:54 0 d-------- C:\Program Files\Download Manager
2008-06-02 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-05-01 20:27:16 0 --a----c- C:\WINDOWS\ativpsrm.bin


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10702DEC-552A-49FB-BCCC-B5BFB7DD8784}]
07/30/2008 09:24 PM 247808 --a------ C:\WINDOWS\system32\rqRHxyyW.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6CF8E9EA-60A9-4BCB-AF88-5EDD42C34C79}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6FF22309-A6ED-462B-ABEC-877625C012F3}]
07/30/2008 09:18 PM 35328 --a------ C:\WINDOWS\system32\rqRKCVLe.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/10/2000 11:00 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/02/2008 04:17 PM]
"SigmatelSysTrayApp"="stsystra.exe" [03/22/2005 10:20 PM C:\WINDOWS\stsystra.exe]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 08:44 AM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 08:44 AM]
"EPSON Stylus C88 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.exe" [01/27/2005 05:00 AM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [05/03/2006 01:12 AM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [09/08/2005 03:20 AM]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [09/15/2005 07:47 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/07/2008 09:22 PM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [08/05/2005 07:05 PM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [01/21/2008 12:17 PM]
"BM436fe0ec"="C:\WINDOWS\system32\peuxtapq.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 03:00 AM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 12:43 PM]
"SetDefaultMIDI"="MIDIDef.exe" [12/22/2004 03:40 PM C:\WINDOWS\MIDIDEF.EXE]
"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [03/05/2007 02:57 PM]
"Aim6"="" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"SpybotDeletingB5143"=command /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
"SpybotDeletingD7988"=cmd /c del "C:\WINDOWS\system32\peuxtapq.dll_old"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Spybot - Search & Destroy"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
"SpybotDeletingA7368"=command /c del "C:\WINDOWS\system32\peuxtapq.dll_old"
"SpybotDeletingC750"=cmd /c del "C:\WINDOWS\system32\peuxtapq.dll_old"

C:\Documents and Settings\ryanho.RYAN\Start Menu\Programs\Startup\
MEMonitor.lnk - C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe [6/15/2008 11:37:47 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [6/8/2006 9:33:52 AM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/12/2001 11:01:04 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6FF22309-A6ED-462B-ABEC-877625C012F3}"= C:\WINDOWS\system32\rqRKCVLe.dll [07/30/2008 09:18 PM 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRKCVLe]
rqRKCVLe.dll 07/30/2008 09:18 PM 35328 C:\WINDOWS\system32\rqRKCVLe.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\rqRHxyyW

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CurseClient"=C:\Program Files\Curse\CurseClient.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe




-- End of Deckard's System Scanner: finished at 2008-07-31 01:17:57 ------------
zeromonkeyx is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here