Technology Forum

Tech Ace · #1 07-23-2008, 09:39 PM

Hi, I hope someone can help me out, My boyfriend had uninstalled AVG as it was out of date (?) and was unable to reinstall it, he tried another program on Saturday, restarted PC and then went out...... Since Sunday I have had problems accessing websites such as hotmail, myspace, facebook and ebay. I then re-installed AVG free but AVG didn't pick up any viruses however I then installed windows defender and spyware doctor (sd). Sd found several and quartined them, I have a snap shot of this screen if its required. It seems I may have been infected with the vundo trojan, when i had a look in temp internet files there were literally hundreds of random files all in blue (does that mean anything?) i deleted them... (before finding this forum) spyware doctor (sd) has quarantined about 6 named threats (150 items) , but I'm not sure if they have been removed or not. The sd history lists hundreds of things (since yesterday) some with yellow triangles stating infection was detected, some say infection cleaned etc I discovered later if i set myspace as my home page i could access the sites on IE. Everything is running really slow and I was advised elsewhere on the forum to check in here. I have followed steps 1-5 and all have been completed successfully. The only antivirus i left on the system was spyware Doctor as it was the one had picked up the threats, I usually prefer to use the AVG free. I removed / uninstalled firefox although it is my preferred browser along with windows live/messenger aswell. Though I would like to reinstall these later if possible. This is my log:- Deckard's System Scanner v20071014.68 Run by Cat on 2008-07-23 20:35:53 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 5 Restore Point(s) -- 128: 2008-07-23 19:36:03 UTC - RP782 - Deckard's System Scanner Restore Point 127: 2008-07-23 19:11:31 UTC - RP781 - Software Distribution Service 3.0 126: 2008-07-23 18:42:15 UTC - RP780 - Installed WinZip 11.2 125: 2008-07-23 17:02:11 UTC - RP779 - Installed AVG Free 8.0 124: 2008-07-23 17:00:55 UTC - RP778 - Removed AVG Free 8.0 -- First Restore Point -- 1: 2008-07-19 09:13:07 UTC - RP655 - System Checkpoint Backed up registry hives. Performed disk cleanup. Total Physical Memory: 479 MiB (512 MiB recommended). -- HijackThis (run as Cat.exe) ------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:38:29, on 23/07/2008 Platform: windows xp SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe C:\Program Files\Lexmark X74-X75\lxbbbmon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Documents and Settings\Cat\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe C:\Documents and Settings\Cat\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Cat\Desktop\dss.exe C:\DOCUME~1\Cat\Desktop\Cat.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\s wg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Cat\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe O4 - Startup: YouTube Uploader.lnk = C:\Documents and Settings\Cat\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe O4 - Global Startup: LUMIX Simple Viewer.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02...s/MSNPUpld.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1169765768765 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E2B984CD-55EE-4916-ADE6-AB97312A5E6F}: NameServer = 192.168.0.1,192.168.0.10 O20 - Winlogon Notify: ljJAQgfF - ljJAQgfF.dll (file missing) O20 - Winlogon Notify: ljJCsspM - ljJCsspM.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 7947 bytes -- File Associations ----------------------------------------------------------- .cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%* .cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys S3 ALCXSENS (Service for WDM 3D Audio Driver) - c:\windows\system32\drivers\alcxsens.sys S3 k750bus (Sony Ericsson 750 driver (WDM)) - c:\windows\system32\drivers\k750bus.sys S3 k750mdfl (Sony Ericsson 750 USB WMC Modem Filter) - c:\windows\system32\drivers\k750mdfl.sys S3 k750mdm (Sony Ericsson 750 USB WMC Modem Drivers) - c:\windows\system32\drivers\k750mdm.sys S3 k750mgmt (Sony Ericsson 750 USB WMC Device Management Drivers) - c:\windows\system32\drivers\k750mgmt.sys S3 k750obex (Sony Ericsson 750 USB WMC OBEX Interface Drivers) - c:\windows\system32\drivers\k750obex.sys S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing) S3 SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - c:\windows\system32\drivers\se27bus.sys S3 SE27mdfl (Sony Ericsson Device 039 USB WMC Modem Filter) - c:\windows\system32\drivers\se27mdfl.sys S3 SE27mdm (Sony Ericsson Device 039 USB WMC Modem Driver) - c:\windows\system32\drivers\se27mdm.sys S3 SE27mgmt (Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\se27mgmt.sys S3 se27nd5 (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)) - c:\windows\system32\drivers\se27nd5.sys S3 SE27obex (Sony Ericsson Device 039 USB WMC OBEX Interface) - c:\windows\system32\drivers\se27obex.sys S3 se27unic (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)) - c:\windows\system32\drivers\se27unic.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318} Description: Device ID: ACPI\ATK0110\1010110 Manufacturer: ATK Name: PNP Device ID: ACPI\ATK0110\1010110 Service: -- Scheduled Tasks ------------------------------------------------------------- 2008-07-19 11:05:06 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -- Files created between 2008-06-23 and 2008-07-23 ----------------------------- 2008-07-23 20:33:31 0 d-------- C:\WINDOWS\Prefetch 2008-07-23 20:25:46 0 d-------- C:\WINDOWS\system32\scripting 2008-07-23 20:25:45 0 d-------- C:\WINDOWS\l2schemas 2008-07-23 20:25:44 0 d-------- C:\WINDOWS\system32\en 2008-07-23 20:25:43 0 d-------- C:\WINDOWS\system32\bits 2008-07-23 20:23:02 0 d-------- C:\WINDOWS\ServicePackFiles 2008-07-23 20:14:41 0 d-------- C:\WINDOWS\EHome 2008-07-23 19:42:21 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip 2008-07-23 19:36:36 0 d-------- C:\ie-spyad_zo 2008-07-23 19:24:29 0 d-------- C:\Program Files\SpywareBlaster 2008-07-23 18:14:11 0 d-------- C:\Program Files\Panda Security 2008-07-23 18:02:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg8 2008-07-23 08:42:55 0 d-------- C:\327882R2FWJFW 2008-07-21 22:06:43 0 d-------- C:\Program Files\Spyware Doctor 2008-07-21 21:52:16 0 d-------- C:\VundoFix Backups 2008-07-21 18:04:45 36 -r-h----- C:\WINDOWS\sued.dat 2008-07-20 16:13:57 0 d-------- C:\Program Files\AVG 2008-07-20 15:52:07 0 --a------ C:\END 2008-07-20 15:46:41 0 d-------- C:\Program Files\Performanceoptimizer (Free) 2008-07-19 22:25:24 102400 --a------ C:\WINDOWS\system32\vlqkhqgj.dll 2008-07-19 22:16:26 93696 --a------ C:\WINDOWS\system32\xbwwbity.dll 2008-07-19 12:31:16 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-07-19 12:30:50 0 d-------- C:\Program Files\Common Files\PC Tools 2008-07-19 10:15:22 82432 --a------ C:\WINDOWS\system32\bvuqqffn.dll 2008-07-19 10:09:40 609716 --ahs---- C:\WINDOWS\system32\yJjlkRqr.ini2 2008-07-12 12:11:37 0 d-------- C:\Program Files\iPod 2008-07-12 12:11:17 0 d-------- C:\Program Files\iTunes 2008-07-12 12:10:05 0 d-------- C:\Program Files\Bonjour 2008-07-12 12:08:49 0 d-------- C:\Program Files\QuickTime -- Find3M Report --------------------------------------------------------------- 2008-07-23 20:26:10 0 d-------- C:\Program Files\Messenger 2008-07-23 20:25:43 0 d-------- C:\Program Files\Movie Maker 2008-07-23 20:22:46 0 d-------- C:\Program Files\Windows NT 2008-07-23 17:58:14 0 d-------- C:\Program Files\Windows Live 2008-07-23 17:53:07 0 d-------- C:\Program Files\MySpace 2008-07-21 12:00:00 0 d-------- C:\Documents and Settings\Cat\Application Data\Mozilla 2008-07-20 17:43:53 0 d-------- C:\Program Files\AviSynth 2.5 2008-07-20 17:35:34 0 d-------- C:\Program Files\Java 2008-07-20 16:10:00 6270 --a------ C:\Documents and Settings\Cat\Application Data\update.log 2008-07-20 15:16:19 0 d-------- C:\Program Files\DVDforger 2008-07-20 15:13:39 0 d-------- C:\Documents and Settings\Cat\Application Data\PC Tools 2008-07-19 12:30:50 0 d-------- C:\Program Files\Common Files 2008-07-19 10:10:48 0 d-------- C:\Program Files\Soulseek 2008-06-17 15:41:06 0 d-------- C:\Documents and Settings\Cat\Application Data\Macromedia 2008-06-17 15:39:45 0 d-------- C:\Documents and Settings\Cat\Application Data\Adobe 2008-06-17 15:39:32 0 d-------- C:\Program Files\Google 2008-06-16 18:45:13 0 d-------- C:\Documents and Settings\Cat\Application Data\MySpace 2008-05-10 16:28:49 655 --a------ C:\Documents and Settings\Cat\Application Data\com.kennettnet.MusicRescueProfiles.plist 2008-05-10 16:28:49 3261 --a------ C:\Documents and Settings\Cat\Application Data\com.kennettnet.MusicRescue.plist -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "SiSPower"="SiSPower.dll" [12/04/2005 04:31 C:\WINDOWS\system32\SiSPower.dll] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.e xe" [12/01/2006 15:40] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 23:46] "SoundMan"="SOUNDMAN.EXE" [13/11/2003 18:23 C:\WINDOWS\SOUNDMAN.EXE] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [05/05/2003 08:57] "Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [14/10/2002 16:09] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10/06/2008 04:27] "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [10/07/2008 09:47] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27/05/2008 10:50] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [10/07/2008 10:51] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 01:12] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [18/10/2006 21:05] "Google Update"="C:\Documents and Settings\Cat\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [16/07/2008 21:16] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [01/07/2008 11:19] C:\Documents and Settings\Cat\Start Menu\Programs\Startup\ YouTube Uploader.lnk - C:\Documents and Settings\Cat\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [11/9/2007 1:33:08 PM] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [12/26/2007 6:06:24 PM] [HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system] "disableregistrytools"=0 (0x0) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks] "{938838B5-F66D-427D-8996-4DAF70D23C43}"= C:\WINDOWS\system32\ljJAQgfF.dll [ ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] C:\WINDOWS\System32\dimsntfy.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJAQgfF] ljJAQgfF.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJCsspM] ljJCsspM.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\rqRkljJy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdauxservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\sdcoreservice" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel MEDIA FOLDERS INDEXER 8.LNK] backup=C:\WINDOWS\pss\Corel MEDIA FOLDERS INDEXER 8.LNKCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk] backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk] backup=C:\WINDOWS\pss\Utility Tray.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Cat^Start Menu^Programs^Startup^TA_Start.lnk] backup=C:\WINDOWS\pss\TA_Start.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Cat^Start Menu^Programs^Startup^Think-Adz.lnk] backup=C:\WINDOWS\pss\Think-Adz.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chckup] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hotplug] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSRaid] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] eapsvcs eaphost dot3svc dot3svc HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs napagent hkmsvc *Newly Created Service* - PAVBOOT -- End of Deckard's System Scanner: finished at 2008-07-23 20:39:50 ------------ I really hope I've done everything correctly and followed the rules correctly. Thank-you Catherine

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Technology Forum

Problems accessing some websites.. Vundo possibly?

Problems accessing some websites.. Vundo possibly?