Status
Not open for further replies.
1 - 2 of 2 Posts

Discussion Starter #1
Recently I've noticed that my PC is noticeably slower starting up.
I have installed:
ZoneAlarm Pro v7.0.337.000 containing anti-spyware engine version 5.0.187.0 and DAT file version 01.200711.2795
AVG Free 7.5.503, Virus Base 269.15.32/1131
Spyware Blaster
and run Spybot Search and Destroy, Adaware SE personal and A squared Free on a regular basis.
I have 2 separate hard drives: a C: running Windows 2000 SP4, which is virtually never booted up on, and a D: running Win XP SP2, which is the one almost exclusively booted up on.

In doing your checks prior to posting, the Panda scan found several generic items of trojans and malware/spyware/potentially unwanted programs/hacktools which I didn't know existed.

Contents of dss.exe main.txt below:
Deckard's System Scanner v20071014.68
Run by Justin and Lynda on 2007-11-15 08:01:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 2 Restore Point(s) --
2: 2007-11-14 19:01:49 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2007-11-14 08:19:46 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive D: has 13.35 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-15 08:04:00
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
D:\WINDOWS\system32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Grisoft\AVG7\avgamsvr.exe
D:\Program Files\Grisoft\AVG7\avgupsvc.exe
D:\Program Files\Grisoft\AVG7\avgemc.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Common Files\Creative Labs Shared\Service\APLicensing.exe
D:\WINDOWS\system32\CTSVCCDA.EXE
D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
D:\Program Files\Microsoft LifeCam\MSCamS32.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Grisoft\AVG7\avgcc.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Maxtor\MSS Backup\MaxBackService.exe
D:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
D:\Program Files\Maxtor\ManagerApp\msssort.exe
D:\WINDOWS\vVX3000.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
D:\Documents and Settings\Justin and Lynda\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MaxBackSchedule] "D:\Program Files\Maxtor\MSS Backup\maxbackservice.exe"
O4 - HKLM\..\Run: [mxomssmenu] "D:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [mssSort] "D:\Program Files\Maxtor\ManagerApp\msssort.exe"
O4 - HKLM\..\Run: [VX3000] D:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "D:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] D:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1167209961812
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - D:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Pack Licensing Service - Creative Labs - D:\Program Files\Common Files\Creative Labs Shared\Service\APLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSVCCDA.EXE
O23 - Service: Diskeeper - Diskeeper Corporation - D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Shavlik Remote Scheduler Service (Shavlik Scheduler) - Shavlik Technologies - D:\WINDOWS\ProPatches\Scheduler\stSchedEx.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe


--
End of file - 8521 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - d:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

S3 dtscsi - d:\windows\system32\drivers\dtscsi.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "d:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Creative Audio Pack Licensing Service - "d:\program files\common files\creative labs shared\service\aplicensing.exe" <Not Verified; Creative Labs; Creative Audio Pack Licensing Service>
R2 Diskeeper - "d:\program files\diskeeper corporation\diskeeper\dkservice.exe" <Not Verified; Diskeeper Corporation; Diskeeper (TM) Disk Defragmenter>

S3 FLEXnet Licensing Service - "d:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\85319148556
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\85319148556
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2007-11-02 16:11:08 284 --a------ D:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-15 and 2007-11-15 -----------------------------

2007-11-14 22:46:48 0 d-------- D:\WINDOWS\system32\ActiveScan
2007-11-14 22:46:47 0 d-------- D:\WINDOWS\LastGood
2007-11-13 20:19:16 0 d-------- D:\Documents and Settings\All Users\Application Data\Maxtor
2007-11-13 20:13:55 0 d------c- D:\WINDOWS\system32\DRVSTORE
2007-11-13 20:12:56 0 d-------- D:\Program Files\Microsoft LifeCam
2007-11-13 20:02:31 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\Maxtor Quick Start
2007-11-13 20:02:28 0 d-------- D:\Program Files\Maxtor
2007-11-13 19:38:54 0 dr-h----- D:\Documents and Settings\Justin and Lynda\Recent
2007-11-02 17:58:18 0 d--h----- D:\WINDOWS\msdownld.tmp
2007-11-02 14:46:37 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\Bioshock


-- Find3M Report ---------------------------------------------------------------

2007-11-15 15:42:11 4212 ---h----- D:\WINDOWS\system32\zllictbl.dat
2007-11-15 00:03:46 0 d-------- D:\Program Files\TagRename
2007-11-15 00:03:16 0 d-------- D:\Program Files\PowerISO
2007-11-15 00:00:58 0 d-------- D:\Program Files\MagicISO
2007-11-14 23:55:54 0 d-------- D:\Program Files\Bonjour
2007-11-14 23:52:33 0 d-------- D:\Program Files\a-squared Free
2007-11-14 18:37:26 0 d-------- D:\Program Files\SpywareBlaster
2007-11-13 20:04:32 0 d--h----- D:\Program Files\InstallShield Installation Information
2007-11-13 20:02:12 0 d-------- D:\Program Files\Common Files\InstallShield
2007-11-13 07:56:44 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\Azureus
2007-11-12 18:16:05 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\AVG7
2007-10-28 16:52:00 1626112 --a------ D:\WINDOWS\system32\nwiz.exe
2007-10-28 16:52:00 1019904 --a------ D:\WINDOWS\system32\nvwimg.dll
2007-10-28 16:52:00 1703936 --a------ D:\WINDOWS\system32\nvwdmcpl.dll
2007-10-28 16:52:00 466944 --a------ D:\WINDOWS\system32\nvshell.dll
2007-10-28 16:52:00 286720 --a------ D:\WINDOWS\system32\nvnt4cpl.dll
2007-10-28 16:52:00 1478656 --a------ D:\WINDOWS\system32\nview.dll
2007-10-28 16:52:00 1339392 --a------ D:\WINDOWS\system32\nvdspsch.exe
2007-10-28 16:52:00 442368 --a------ D:\WINDOWS\system32\nvappbar.exe
2007-10-28 16:52:00 425984 --a------ D:\WINDOWS\system32\keystone.exe
2007-10-12 22:55:00 0 d-------- D:\Program Files\Azureus
2007-10-10 20:47:34 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\DivX
2007-10-10 19:15:46 0 d-------- D:\Program Files\PrintFolder
2007-09-29 18:51:35 0 d-------- D:\Documents and Settings\Justin and Lynda\Application Data\FinalBurner Audio CD
2007-09-22 12:26:38 0 d-------- D:\Program Files\Ashampoo
2007-09-20 22:24:34 0 d-------- D:\Program Files\DivX
2007-09-18 07:23:00 823296 --a------ D:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-18 07:23:00 823296 --a------ D:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-18 07:22:58 802816 --a------ D:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-09-18 07:22:58 739840 --a------ D:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-09-09 16:03:49 0 --a------ D:\Program Files\_r_a_p_.tmp
2007-08-31 21:09:34 4096 --a------ D:\WINDOWS\d3dx.dat
2007-08-21 13:26:52 196608 --a------ D:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-08-21 13:26:52 81920 --a------ D:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-08-16 11:33:14 3596288 --a------ D:\WINDOWS\system32\qt-dx331.dll
2007-08-16 11:30:26 12288 --a------ D:\WINDOWS\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="D:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [01/11/2007 03:25 p.m.]
"ZoneAlarm Client"="D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [09/03/2007 01:02 a.m.]
"MaxBackSchedule"="D:\Program Files\Maxtor\MSS Backup\maxbackservice.exe" [15/06/2006 12:21 p.m.]
"mxomssmenu"="D:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [05/06/2006 01:00 p.m.]
"mssSort"="D:\Program Files\Maxtor\ManagerApp\msssort.exe" [25/05/2006 01:41 p.m.]
"VX3000"="D:\WINDOWS\vVX3000.exe" [11/04/2007 10:46 a.m.]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [28/10/2007 04:52 p.m.]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [01/03/2006 01:00 a.m.]
"CTSyncU.exe"="D:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [10/04/2007 10:15 a.m.]

D:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [12/05/2005 12:23:26 a.m.]
HP Image Zone Fast Start.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12/05/2005 1:49:24 a.m.]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=D:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Justin and Lynda^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=D:\Documents and Settings\Justin and Lynda\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=D:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Justin and Lynda^Start Menu^Programs^Startup^Azureus Ultra Accelerator.lnk]
path=D:\Documents and Settings\Justin and Lynda\Start Menu\Programs\Startup\Azureus Ultra Accelerator.lnk
backup=D:\WINDOWS\pss\Azureus Ultra Accelerator.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Justin and Lynda^Start Menu^Programs^Startup^VersionTracker Pro.lnk]
path=D:\Documents and Settings\Justin and Lynda\Start Menu\Programs\Startup\VersionTracker Pro.lnk
backup=D:\WINDOWS\pss\VersionTracker Pro.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AgentInstallationService"=2 (0x2)
"a2free"=2 (0x2)
"Adobe LM Service"=3 (0x3)
"UPS"=3 (0x3)
"Shavlik Scheduler"=2 (0x2)
"NetChkPatch"=2 (0x2)


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\AutoRun.exe

*Newly Created Service* - FTPNRGMOGXLG
*Newly Created Service* - RKPAVPROC
*Newly Created Service* - SDTHOOK



-- End of Deckard's System Scanner: finished at 2007-11-15 18:32:08 ------------

I've attached the Panda scan log and the dss extra.txt to this, my first post.

I'd appreciate any advice on how to permanently remove the virus/malware etc. and on how to speed the startup of my PC again.

Cheers in advance
Justin
 

Discussion Starter #2
Re: Computer noticeably slower on startup recently, trojan horse generic8.mxa found

Hi, I posted this 6 days ago now and haven't heard anything yet. Is anyone able to help?
 