Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 




Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > HijackThis Log Help
Heeelp!! Heeelp!!
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read

HijackThis Log Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help.

Reply
 
Thread Tools
Old 04-05-2008, 05:41 PM   #1 (permalink)
Registered User
 
Join Date: Apr 2008
Posts: 2
OS: Windows XP Pro


Heeelp!!
Hi,

I was wondering if someone could help me out...the thing is I did not notice the virus/problem until i was on MSN and a mate started receiving weird messages from me. I have copied the scan details below and added the attatchment as requested (plus followed the five steps). I have not had any weird messages like trojan.exe or anything similar...I know there is a problem as all the scanners come up with "infected problems" but I do not know how to fix it without messing up the computer even more!

Hope someone can help...cheers!!

Mo

Deckard's System Scanner v20071014.68
Run by Muhammad Murtaza on 2008-04-06 01:17:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
8: 2008-04-06 00:18:16 UTC - RP31 - Deckard's System Scanner Restore Point
7: 2008-04-06 00:04:46 UTC - RP30 - Software Distribution Service 3.0
6: 2008-04-05 15:30:05 UTC - RP29 - System Checkpoint
5: 2008-04-02 13:32:41 UTC - RP28 - Shockwave Player
4: 2008-04-02 13:29:47 UTC - RP27 - Shockwave Player


-- First Restore Point --
1: 2008-04-01 19:43:12 UTC - RP24 - Installed STOPzilla. Available with Windows Installer version 1.2 and later.


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 224 MiB (512 MiB recommended).


-- HijackThis (run as Muhammad Murtaza.exe) ------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:26:49, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Executive Software\DiskeeperServer\DKService.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\kam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Muhammad Murtaza\Local Settings\Temporary Internet Files\Content.IE5\ELECDPWL\dss[1].exe
C:\Program Files\Symantec\LiveUpdate\LUAll.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\MUHAMM~1\Desktop\Muhammad Murtaza.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {313ED77C-8A0C-4CCA-9594-B1F095F2A7B3} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [kam] C:\WINDOWS\system32\kam.exe
O4 - HKLM\..\RunServices: [kam] C:\WINDOWS\system32\kam.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa...bs/tgctlsr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1118015033108
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ccPxySvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperServer\DKService.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: Print Spooler Service (yua5eek8e81) - Unknown owner - C:\WINDOWS\system32\kam.exe

--
End of file - 6918 bytes

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,-153
.com - comfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,2
.hlp - hlpfile - DefaultIcon - C:\WINDOWS\SYSTEM32\SHELL32.DLL,23
.ini - inifile - DefaultIcon - shell32.dll,-151
.js - JSFile - DefaultIcon - C:\WINDOWS\System32\migicons.exe,7
.reg - regfile - DefaultIcon - C:\WINDOWS\regedit.exe,1
.txt - txtfile - DefaultIcon - shell32.dll,-152
.vbs - VBSFile - DefaultIcon - C:\WINDOWS\System32\migicons.exe,6


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 SiSide - c:\windows\system32\drivers\siside.sys <Not Verified; Silicon Integrated Systems Corp.; SiS PCI Mini IDE Driver>
R0 sisidex - c:\windows\system32\drivers\sisidex.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R0 sisperf (Add Performance Filter Driver) - c:\windows\system32\drivers\sisperf.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R0 Vmodem (W2k Vmodem) - c:\windows\system32\drivers\vmodem.sys <Not Verified; PCTEL, INC.; HSP Modem Modem Device>
R0 Vpctcom (W2k Vpctcom) - c:\windows\system32\drivers\vpctcom.sys <Not Verified; PCtel, Inc.; HSP Modem Virtual Control Device>
R0 Vvoice (W2k Vvoice) - c:\windows\system32\drivers\vvoice.sys <Not Verified; PCtel, Inc.; PCTEL HSP Modem Voice Device>
R1 GhPciScan (GhostPciScanner) - c:\program files\symantec\norton ghost 2003\ghpciscan.sys <Not Verified; Symantec Corporation; Symantec Ghost PCI Scanner>
R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R3 Ptserial (W2K Pctel Serial Device Driver) - c:\windows\system32\drivers\ptserial.sys <Not Verified; PCTEL, INC.; HSP Modem Serial Device>

S3 WebSTARNdis (WebSTAR DPX USB Cable Modem Adapter) - c:\windows\system32\drivers\webstar.sys <Not Verified; Scientific Atlanta; WebSTAR USB Cable Modem>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Diskeeper - c:\program files\executive software\diskeeperserver\dkservice.exe <Not Verified; Executive Software International, Inc.; Diskeeper (TM) Disk Defragmenter>
R2 GhostStartService - c:\progra~1\symantec\norton~1\ghosts~2.exe <Not Verified; Symantec Corporation; Norton Ghost Start Service>

S2 yua5eek8e81 (Print Spooler Service) - c:\windows\system32\kam.exe /service
S3 WmcCds (Windows Media Connect (WMC)) - c:\program files\windows media connect\mswmccds.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmcCdsLs (Windows Media Connect (WMC) Helper) - c:\program files\windows media connect\mswmcls.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: Multimedia Audio Controller
Device ID: PCI\VEN_1039&DEV_7012&SUBSYS_030013F6&REV_A0\3&61AAA01&0&17
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_1039&DEV_7012&SUBSYS_030013F6&REV_A0\3&61AAA01&0&17
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-04-06 01:11:17 386 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2008-04-06 00:51:01 258 --a------ C:\WINDOWS\Tasks\Uninstall Expiration Reminder.job
2008-04-05 23:20:02 378 --a------ C:\WINDOWS\Tasks\PCHealth Scheduler for Data Collection.job
2008-04-05 23:00:06 502 --a------ C:\WINDOWS\Tasks\Tune-up Application Start.job
2008-04-02 20:07:58 430 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job


-- Files created between 2008-03-06 and 2008-04-06 -----------------------------

2008-04-06 00:36:32 0 d-------- C:\ie-spyad_zo
2008-04-06 00:33:28 0 d-------- C:\Program Files\Panda Security
2008-04-06 00:33:20 0 d-------- C:\WINDOWS\LastGood
2008-04-02 14:31:06 0 d-------- C:\Program Files\Norton Security Scan
2008-04-02 14:26:52 0 d-------- C:\WINDOWS\system32\Adobe
2008-04-01 21:12:47 0 d-------- C:\Documents and Settings\Default User\Application Data\Macromedia
2008-04-01 21:12:42 0 d-------- C:\Documents and Settings\Default User\Application Data\Adobe
2008-04-01 21:11:52 0 d-------- C:\Documents and Settings\Default User\Application Data\Google
2008-04-01 20:47:45 0 d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-04-01 20:43:57 0 d-------- C:\Program Files\Common Files\iS3
2008-04-01 20:43:48 0 d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-04-01 11:13:47 0 dr-h----- C:\Documents and Settings\Muhammad Murtaza\Recent
2008-03-28 16:10:52 0 d---s---- C:\Documents and Settings\NetworkService\UserData
2008-03-28 16:10:37 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Adobe
2008-03-28 16:10:13 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Google
2008-03-28 16:10:12 0 dr------- C:\Documents and Settings\NetworkService\Favorites
2008-03-28 16:09:58 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Symantec
2008-03-24 16:02:16 188416 --a------ C:\WINDOWS\system32\kam.exe
2008-03-22 17:09:47 0 d-------- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs
2008-03-22 16:56:54 69632 --a------ C:\WINDOWS\system32\MCCDevice.dll <Not Verified; Motive Communications, Inc.; >
2008-03-22 16:56:54 6048 --a------ C:\WINDOWS\system32\mcc16.dll
2008-03-22 16:56:49 81920 --a------ C:\WINDOWS\system32\W32n50.dll <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-03-22 16:56:49 17162 --a------ C:\WINDOWS\system32\Pcandis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-03-22 16:56:49 16848 --a------ C:\WINDOWS\system32\Pcandis4.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-03-22 16:12:54 0 d-------- C:\Program Files\Common Files\Motive
2008-03-22 16:12:27 0 d-------- C:\WINDOWS\Drivers


-- Find3M Report ---------------------------------------------------------------

2008-04-06 01:27:34 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-05 23:00:15 0 dr------- C:\Program Files\Common Files
2008-04-02 14:33:28 0 d-------- C:\Documents and Settings\Muhammad Murtaza\Application Data\Adobe
2008-04-02 14:33:23 0 d-------- C:\Documents and Settings\Muhammad Murtaza\Application Data\Macromedia
2008-03-25 23:45:33 0 d-------- C:\Documents and Settings\Muhammad Murtaza\Application Data\AdobeUM
2008-02-15 14:17:41 0 d-------- C:\Program Files\MyWay
2008-02-14 20:15:04 0 d-------- C:\Program Files\Norton AntiVirus
2008-02-14 19:55:34 0 d-------- C:\Program Files\Symantec
2008-01-28 01:02:49 19936 --a------ C:\Documents and Settings\Muhammad Murtaza\Application Data\GDIPFONTCACHEV1.DAT
2008-01-12 16:13:51 5364354 --ah----- C:\Documents and Settings\Muhammad Murtaza\Application Data\IconCache.db
2008-01-07 00:16:28 8704 --a------ C:\Documents and Settings\Muhammad Murtaza\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{313ED77C-8A0C-4CCA-9594-B1F095F2A7B3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
02/01/2008 23:16 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe" [23/08/2001 20:00 C:\WINDOWS\SYSTEM32\systray.exe]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [12/07/2002 11:15]
"PCTVOICE"="pctspk.exe" [07/01/2003 01:40 C:\WINDOWS\SYSTEM32\pctspk.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [02/12/2003 17:11]
"ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [02/12/2003 17:11]
"Advanced Tools Check"="C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE" [26/08/2002 23:35]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [06/06/2005 11:08]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [14/11/2007 17:05]
"kam"="C:\WINDOWS\system32\kam.exe" [24/03/2008 16:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 00:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"kam"=C:\WINDOWS\system32\kam.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
F:\DOWNLO~1\NOKIAP~1\TRAYAP~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS KHooker]
C:\WINDOWS\System32\khooker.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
"C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yajfpxr]
C:\Program Files\Oktxl\Meampk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42892e68-c1d6-11dc-a3a6-000d871135fc}]
AutoRun\command- H:\InstallTomTomHOME.exe

*Newly Created Service* - RKPAVPROC



-- End of Deckard's System Scanner: finished at 2008-04-06 01:30:17 ------------
Attached Files
File Type: txt extra.txt (11.4 KB, 0 views)
Mamos987 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Reply With Quote
Old 04-10-2008, 02:47 PM   #2 (permalink)
Registered User
 
Join Date: Apr 2008
Posts: 2
OS: Windows XP Pro


Re: Heeelp!!
Can someone please help me with this??
Mamos987 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 06:10 AM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2008, Tech Support Forum

Search Engine Friendly URLs by vBSEO

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81