Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Windows 2000 Server cpu 100%

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Windows 2000 Server cpu 100%

Unread postby scottp » May 31st, 2009, 7:33 pm

Hi, this site helped me several years ago. Different computer different problem. All of a sudden the cpu at 100%. At first thought it was a hardware problem. I have tried most malware removal and cannot get through a scan. Computer freezes. Mcafee found hundreds of generic trojans. Superantispyware detected 1000's of tibsspk trojans but they could not remove them. I would to get some feedback on if its fixable or to far gone. Hijack this would not save a full log. Keep on getting error. Here is the process hijack log. I ran a Rsit log.
thanks scott

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:52:57 PM, on 5/31/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Network Associates\Alert Manager\amgrsrvc.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcevt32.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcstor32.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\Dell\OpenManage\Array Manager\mr2kserv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlservr.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Dell\OpenManage\iws\bin\win32\omaws32.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\termsrv.exe
C:\Program Files\Dell\OpenManage\Array Manager\VxSvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wins.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\ismserv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlagent.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Atiptaxx.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\a la mode\Sched\eSched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Network Associates\NetShield 2000\SHSTAT.EXE
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\HijackThis\scott.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\yiaqglvr.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\pi9s118k4xb.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\qii3kzb59svc.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\eltrw2r5xoo.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\fmw97d7kjvhxy.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\jb8ak9k.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\fhaqmsl2a118u.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\wagbk0.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\mnxqlp0vvb9.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\nm3dpd0m1gbn.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\h172u82fu7s0p.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\b2z9parj0j3wp.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\m43i9b.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\xn10u0cs.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\sz4xr2qq74.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\empwk6p0qlg1e.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\fwuub6.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\gs6ek4l7.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\c4rkc3il.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\qdq1ff5g3.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\xms64qzscyd.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\xgodhvxfc.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\god1f81rf.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ygbons32m.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\d6xrlhp.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\qbhkga0w6s.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\rq52g8plqm7.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\nitk3ccq3.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\cmd.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\fe0ljh3hm.exe
C:\WINNT\system32\cmd.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\sjrv9747g6.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\nvtqd1.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\rvh2d71o.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\s0sx57ik.exe--
End of file - 3717 bytes

Logfile of random's system information tool 1.06 (written by random/random)
Run by scott at 2009-05-31 02:33:30
Microsoft Windows 2000 Server Service Pack 4
System drive C: has 6 GB (16%) free of 38 GB
Total RAM: 1023 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:42:12 AM, on 5/31/2009
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Network Associates\Alert Manager\amgrsrvc.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcevt32.exe
C:\Program Files\Dell\OpenManage\OMSA\bin\dcstor32.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\Dell\OpenManage\Array Manager\mr2kserv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlservr.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Dell\OpenManage\iws\bin\win32\omaws32.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\termsrv.exe
C:\Program Files\Dell\OpenManage\Array Manager\VxSvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wins.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\ismserv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlagent.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Atiptaxx.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\a la mode\Sched\eSched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Network Associates\NetShield 2000\SHSTAT.EXE
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Documents and Settings\Scott\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\scott.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\e6n80f.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ozp1rga.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\o058wu5vg.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\nl5a8vor8gb.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\u2jlgg4bmask.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\mnfczuekcfl.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ip5ylwb.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\t10kx3da4gxi.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\mocj48oto44g1.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ka8htl.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\dg1g0q3.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\rnwzmzh54svxf.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\se1xug.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\leo0aa.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\p99xbc.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\uspezhuoqvz4.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\q0evjto.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\x7wylwn8cob59.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\zm7r8ri36jm8j.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\adctpm.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\k5qae1.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\bxf7ajit.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\qvwo49g.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\e9dtmobn.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\rbdtuyia5fgnj.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\o2v5zuw89pt0.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\hua7tsrbl.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\yhg1ztku5kdy.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ddbbic9aq.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\srdn37b2ahoo.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\k5carnqp.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\egundncb.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\q2rroredfnci0.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\x365ksnd9.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\lkd8c28468x.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\akhnnapwi104z.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\dzvr27ur.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\sgv8wxs.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\ejy9dzapxv.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\lbuloq.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\z2m76g.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\cmd.exe
C:\DOCUME~1\Scott\LOCALS~1\Temp\qgu7bfw.exe


--
End of file - 4077 bytes

======Scheduled tasks folder======

C:\WINNT\tasks\Copy March.job
C:\WINNT\tasks\emjtauck.job
C:\WINNT\tasks\HP WEP.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5BF49A2-94F3-42BD-F434-3604812C8955}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\WINNT\System32\msdxm.ocx [2005-03-31 844560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtiPTA"=C:\WINNT\system32\Atiptaxx.exe [2001-10-10 270336]
"AuCaption"=DSA OMSA Reminder []
"AuFlag"=2 []
"Synchronization Manager"=mobsync.exe /logon []
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-07 29744]
"The Assistant"=C:\Program Files\a la mode\Sched\eSched.exe [2007-04-16 99840]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
""= []
"HPUsageTracking"=C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe [2007-11-02 36864]
"hpbdfawep"=C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 954368]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"ShStatEXE"=C:\Program Files\Network Associates\NetShield 2000\SHSTAT.EXE [2000-02-15 57414]
"PrnStatusMX"=C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [2007-08-29 1077248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"vq94hk8jjb5io8x"=C:\DOCUME~1\Scott\LOCALS~1\Temp\efcjxce2wd1dt.exe []
"b044o4trd0xzn30pzsj497sxlpiqbopu6b0tryhmzr"=C:\DOCUME~1\Scott\LOCALS~1\Temp\p4vaccao38wz.exe []
"tg157yhrepmzbxn0tpkkb0rpjdk7dt"=C:\DOCUME~1\Scott\LOCALS~1\Temp\dkapc91l2bo82.exe []
"txpa14autx83dyavuywfb6g7jk10f1ch86zkhxkdyul4yy"=C:\DOCUME~1\Scott\LOCALS~1\Temp\wdtz43.exe []
"ybheejdwn2x6xnm9kdq39summ1l1dgakivacskt0zrkmh"=C:\DOCUME~1\Scott\LOCALS~1\Temp\pjnes7jy5m2.exe []
"psiudxx7zr7897y"=C:\DOCUME~1\Scott\LOCALS~1\Temp\plrt9t.exe []
"fksu9pbglq3rvjhpc3abkovvli9scy14"=C:\DOCUME~1\Scott\LOCALS~1\Temp\n98pysorf9.exe []
"k95pxqf13m2nobz2z"=C:\DOCUME~1\Scott\LOCALS~1\Temp\pb29uudf.exe []
"j8k6v0gcw49txmujh6hcros0aqdtu3qsy90"=C:\DOCUME~1\Scott\LOCALS~1\Temp\h7ea95f.exe []
"tllfgqu382x8onpm6r2lf73kvemqlbr05"=C:\DOCUME~1\Scott\LOCALS~1\Temp\xon2mtg.exe []
"abi9ba46zzxzsiazg"=C:\DOCUME~1\Scott\LOCALS~1\Temp\n9jm96i2xb3a.exe []
"oqlla17cd40qc3kaai1c"=C:\DOCUME~1\Scott\LOCALS~1\Temp\wdldckkarxhxm.exe []
"atgsykx2gh0ky8pn1wx"=C:\DOCUME~1\Scott\LOCALS~1\Temp\g66l03.exe []
"iojnq2z5ciqcrasbt"=C:\DOCUME~1\Scott\LOCALS~1\Temp\gfaysm.exe []
"yus6yinvplnm7kf6v5v16uyslj96j35"=C:\DOCUME~1\Scott\LOCALS~1\Temp\puuipl.exe []
"o8webfb81vj"=C:\DOCUME~1\Scott\LOCALS~1\Temp\qumt84w.exe []
"csc7t60ysywcfgn8nfkaw6r4xckms4wae9wnf9p02k5kbkatf"=C:\DOCUME~1\Scott\LOCALS~1\Temp\nexzkyniobgb.exe []
"i6rz0v94ae9476fe2guqjom7rn08gzqblq0rja4dogq"=C:\DOCUME~1\Scott\LOCALS~1\Temp\gtdbj57rk2i12.exe []
"yi6m4pbm06bfe5lmwnnr4gqqw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\lua61kvk9qwbc.exe []
"gzmeetnysw7j132vysaf4bswg1c2"=C:\DOCUME~1\Scott\LOCALS~1\Temp\t77zdhh7gq0iq.exe []
"ukvgm9tns7e0ynlupg3sp7"=C:\DOCUME~1\Scott\LOCALS~1\Temp\pq8jpwlz0.exe []
"lic3e6c05hnm91siyf0zrom54e1evpsl9g8qy67515au"=C:\DOCUME~1\Scott\LOCALS~1\Temp\cooevnog0xf.exe []
"ebi0k6alqpwky683crn5cibd47frr"=C:\DOCUME~1\Scott\LOCALS~1\Temp\br0ogh.exe []
"d4r2jnvjb5ofs22s7oou8efyrm9kuyvd57n"=C:\DOCUME~1\Scott\LOCALS~1\Temp\j4g0sv.exe []
"zt433gh25enue4ww3x1xcn"=C:\DOCUME~1\Scott\LOCALS~1\Temp\jhp7wmpy2w.exe []
"rfjmwpz12q7zlzxrt204aofi52bmiba3fsjzuwxzwcauzcnkf"=C:\DOCUME~1\Scott\LOCALS~1\Temp\khhif51xytp.exe []
"u7pfxzklube8h0d"=C:\DOCUME~1\Scott\LOCALS~1\Temp\rv5mk6zinef4.exe []
"n75h14gx986ypz5"=C:\DOCUME~1\Scott\LOCALS~1\Temp\muws5s9h5.exe []
"wigvtnlxdj3f7sk947hs0"=C:\DOCUME~1\Scott\LOCALS~1\Temp\eo6lvoz.exe []
"dwjluesaq3f2f"=C:\DOCUME~1\Scott\LOCALS~1\Temp\cb51i1jny.exe []
"h2oi2myz1jl3mor2pppx4txfcwqar4on59xf9piqt4puoazxr"=C:\DOCUME~1\Scott\LOCALS~1\Temp\omf80jmpm5fb.exe []
"n3bkxnhhcknvkd7zzqyyvefvbzycg4hvdrw5"=C:\DOCUME~1\Scott\LOCALS~1\Temp\jj5zh5a.exe []
"b2l3exzixcju8c9im0goq3euuoimx"=C:\DOCUME~1\Scott\LOCALS~1\Temp\us5ugtt.exe []
"kwm68p0pnm"=C:\DOCUME~1\Scott\LOCALS~1\Temp\dfbbxfz9.exe []
"m6pali7bheurau2xs8icdsyzjymevszuwjhcild40jlarp3z74"=C:\DOCUME~1\Scott\LOCALS~1\Temp\cjjuvpr9tx.exe []
"ohnzqtzzyjie5xujwm"=C:\DOCUME~1\Scott\LOCALS~1\Temp\nb20fah1b62.exe []
"e5qmd4n2o0zg7gukxpk2exwf0n1"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ifz79pyd.exe []
"gdv7fvey0whku14v0un8g35ea5bavvhmmnixhwddebd"=C:\DOCUME~1\Scott\LOCALS~1\Temp\r2kyc30l5.exe []
"moif1kdfsyvduljbmc8szgps6sawi"=C:\DOCUME~1\Scott\LOCALS~1\Temp\it8ka68a2r5jg.exe []
"mjq0pnoaap"=C:\DOCUME~1\Scott\LOCALS~1\Temp\mr7ffnu.exe []
"sm83x1aim93zoj5tolvqrlln1b1tu99aulyh"=C:\DOCUME~1\Scott\LOCALS~1\Temp\pfuwipeobqx.exe []
"aeisyve5pjjqrpr9b1"=C:\DOCUME~1\Scott\LOCALS~1\Temp\angw5vn.exe []
"zk316mc3js1sksbg8t"=C:\DOCUME~1\Scott\LOCALS~1\Temp\irb32pasyq10u.exe []
"nb6rxneazxxtdrg3h1zw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\jrkel8.exe []
"z5qcuhbya"=C:\DOCUME~1\Scott\LOCALS~1\Temp\l3bhhj0ny1br5.exe []
"vq64pbqbkoppcwjaqhf2i5oyxsnnf06p0uam"=C:\DOCUME~1\Scott\LOCALS~1\Temp\tx8ttg1krau93.exe []
"ji0pf7cmwy0wb5a7kl8wz5nauihukbcdaw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\avj9y6lft.exe []
"bhyadsserswqhjsynp6p04g4wgoojxwgmhmeqk"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ipz2akmc5.exe []
"reop1lax1kafvngbgeoy8btj5auxm2oxcgjmrhnw04d0e3i0"=C:\DOCUME~1\Scott\LOCALS~1\Temp\edgrfa03.exe []
"glic1td9h63y0ks0"=C:\DOCUME~1\Scott\LOCALS~1\Temp\fd8jytc2l.exe []
"ttl0uxo79g8u8mg37ah0ff0n1cn5sjgf72jnbv7oca3i"=C:\DOCUME~1\Scott\LOCALS~1\Temp\qtcw6197o0x.exe []
"b44tb5hmn3lafyxzs8td862s7tzudpvle7"=C:\DOCUME~1\Scott\LOCALS~1\Temp\v5hjdojp.exe []
"hsiftrdzcl72f86a60o"=C:\DOCUME~1\Scott\LOCALS~1\Temp\c7sqfcb0.exe []
"j1aasp9z1dhy5ctedg7va6anp22emukvlahmijckfg"=C:\DOCUME~1\Scott\LOCALS~1\Temp\h79d2hehm5.exe []
"qi7zo5heh9hve"=C:\DOCUME~1\Scott\LOCALS~1\Temp\y0h0yvdh.exe []
"emlr9xw8sre87fckylxir8194k4af9np7ufyeo71hn4f"=C:\DOCUME~1\Scott\LOCALS~1\Temp\aaeq8vqrsg.exe []
"qjkx0z6ftsppprbo"=C:\DOCUME~1\Scott\LOCALS~1\Temp\vwr3lxnk6iq0.exe []
"po2hbe9knjxwns61frwezlpdg"=C:\DOCUME~1\Scott\LOCALS~1\Temp\x6ocg6.exe []
"r50ycnrzge4dkys1"=C:\DOCUME~1\Scott\LOCALS~1\Temp\a123rszvw.exe []
"ri8o6u7w13ouo611wnca56mw2"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ewycuef5c.exe []
"uk5n4drh4sty6241rhx5vfz"=C:\DOCUME~1\Scott\LOCALS~1\Temp\zbxdg5vo.exe []
"cb5u8gsrrei3u8s81r786r"=C:\DOCUME~1\Scott\LOCALS~1\Temp\thi66aipsp.exe []
"f3ihc1aay2c8e48buc4blgzag19dnlr8ag6o"=C:\DOCUME~1\Scott\LOCALS~1\Temp\i6qrvkkc.exe []
"qrsqhciu5aw6fj"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ealeo85k8y.exe []
"oro42xx2yi0jx331w0jemk"=C:\DOCUME~1\Scott\LOCALS~1\Temp\pdnxa1kuy.exe []
"cgyu5scyf1wsa4z7t4p5r2628rpjjzk4752yclgzdj6ha7595"=C:\DOCUME~1\Scott\LOCALS~1\Temp\y0poufm2sx.exe []
"mlzzmnyaduc"=C:\DOCUME~1\Scott\LOCALS~1\Temp\hcymq74n.exe []
"ymnz4kwikdkirrbi4"=C:\DOCUME~1\Scott\LOCALS~1\Temp\j5cc07hxqt.exe []
"ncdofmi8r0x0m9k910wpvtk"=C:\DOCUME~1\Scott\LOCALS~1\Temp\zyk3sdyjkr45.exe []
"my9p5ebauop"=C:\DOCUME~1\Scott\LOCALS~1\Temp\zoogkwq7fuzx.exe []
"tvg5my50vjwuyx1tf8wamjxh61"=C:\DOCUME~1\Scott\LOCALS~1\Temp\o2n7imaxt90.exe []
"z6n1oj8lhtie49vvd5gxi0aqqihgfk8wzol1ac4g5"=C:\DOCUME~1\Scott\LOCALS~1\Temp\vovlpocwc0zzb.exe []
"m8ta2ddt47qs8zqe6k"=C:\DOCUME~1\Scott\LOCALS~1\Temp\zua3gy4eruvs.exe []
"gra1pomt077iejxtbw3vsjm010rvxs05lvwr6otbihdkx8r9u"=C:\DOCUME~1\Scott\LOCALS~1\Temp\okbx7v.exe []
"diqxacufvamozya28sdob47u8a10btbgpu90rg2b5njm3"=C:\DOCUME~1\Scott\LOCALS~1\Temp\dunhjq.exe []
"cuzg9aydg"=C:\DOCUME~1\Scott\LOCALS~1\Temp\l73tvn.exe []
"mc7c7dypfel198hd6rw0wuzqmgf"=C:\DOCUME~1\Scott\LOCALS~1\Temp\w7l9bpdokxm6h.exe []
"rgtxz3tmaiea22"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ooknme1f.exe []
"xmd6msrhu4mng6r3"=C:\DOCUME~1\Scott\LOCALS~1\Temp\odbffztkk.exe []
"ycrpo7hrpk1oms1r9up5bryk4ahuzjqiqyy25pw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\r3fs71l8fl.exe []
"k13yiusngqfnlv87ooigz5wgyw7ky1jnocm9zdpn9t7drl7jtp"=C:\DOCUME~1\Scott\LOCALS~1\Temp\t3eiohq.exe []
"phw68t7feu34x2op2yamp7wnfy3e"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ev1vmtke.exe []
"nfyirx1i3reu6plnlfqfzrve7wun0545x3t1e7pn9zov0"=C:\DOCUME~1\Scott\LOCALS~1\Temp\bp7zm2g2.exe []
"h4zkkdy3zd48jj9ddqketpupdgqmoseto"=C:\DOCUME~1\Scott\LOCALS~1\Temp\g6f6cbwuy.exe []
"yus76ad4bhmauwgbpd8k4ta5qbwukf9aa8lsgij0g4r"=C:\DOCUME~1\Scott\LOCALS~1\Temp\innu6a7dpn.exe []
"c3x5iyvvu7028erlgd17uonjfexgneywhbhj"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ojvzo8era.exe []
"cx7uzpo5yhatprvhx4z"=C:\DOCUME~1\Scott\LOCALS~1\Temp\cxg1ma0j8z9.exe []
"uu2y44n4onzetd43tp1u4x673wrzzymohp9bkmjm0zfud1a61"=C:\DOCUME~1\Scott\LOCALS~1\Temp\mjlcygnxyrbbb.exe []
"chm8m7j83w"=C:\DOCUME~1\Scott\LOCALS~1\Temp\i7sfz3.exe []
"n3duoav8ndxv4a9jkpmsi59"=C:\DOCUME~1\Scott\LOCALS~1\Temp\rbd6jyq.exe []
"uhwv5invdc9lz7s"=C:\DOCUME~1\Scott\LOCALS~1\Temp\x3y14glk0.exe []
"rp6l133a8xocs96"=C:\DOCUME~1\Scott\LOCALS~1\Temp\y3qcnzejw7.exe []
"jv49tzlcaktqw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\en7j4r2xosw.exe []
"hg6e5zn8rgckxmhharz8clq5mpf3cg1stuohgpejatdk1vkw"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ytstuf6y4wts1.exe []
"pjqbs41axpwk7y6k8utf9fx5jdx3w15369f6irpk"=C:\DOCUME~1\Scott\LOCALS~1\Temp\gz5j3luwifhi8.exe []
"n7h27jnpibn8bncxgrc7cf3f"=C:\DOCUME~1\Scott\LOCALS~1\Temp\vbsxybp5a0g.exe []
"flehkattp489tl0li38w6smt9tx2nzev1ygjh8"=C:\DOCUME~1\Scott\LOCALS~1\Temp\ndb9ca9cqznw8.exe []
"z2rxse8ves7rsp5n3jql03idipwkk2zcl2j2ljyxtcfh"=C:\DOCUME~1\Scott\LOCALS~1\Temp\y0m5u48qv.exe []
"wxjacnp0gim69nj040tmolrhluscii04y1tukjz4qgih63"=C:\DOCUME~1\Scott\LOCALS~1\Temp\lyjgn4wd3eo14.exe []
"qc304z8mp0frnd8c3z2ozzidc46fj0j"=C:\DOCUME~1\Scott\LOCALS~1\Temp\o7ntfno1yh2tm.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
WinZip Quick Pick.lnk - C:\Documents and Settings\Administrator\Desktop\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL ysqakp.dll zprphs.dll dfbjvw.dll ogknbd.dll nbffug.dll xbryro.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINNT\system32\wlnotify.dll [2005-04-08 57104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINNT\system32\wvUkJyAT
"notification packages"=FPNWCLNT
RASSFM
KDCSVC
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, pwdssp.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-05-31 02:33:30 ----D---- C:\rsit
2009-05-29 22:54:01 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-29 22:53:30 ----D---- C:\Program Files\SUPERAntiSpyware
2009-05-29 22:53:29 ----D---- C:\Documents and Settings\Scott\Application Data\SUPERAntiSpyware.com
2009-05-29 22:52:10 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-05-29 16:56:19 ----HDC---- C:\WINNT\$NtUninstallKB952004$
2009-05-29 16:55:11 ----HDC---- C:\WINNT\$NtUninstallKB923561$
2009-05-29 16:53:32 ----HDC---- C:\WINNT\$NtUninstallKB963027-IE6SP1-20090303.120000$
2009-05-29 16:51:57 ----HDC---- C:\WINNT\$NtUninstallKB959426$
2009-05-29 16:50:21 ----HDC---- C:\WINNT\$NtUninstallKB960803$
2009-05-29 16:49:13 ----HDC---- C:\WINNT\$NtUninstallKB967715$
2009-05-29 16:48:15 ----HDC---- C:\WINNT\$NtUninstallKB958690$
2009-05-29 16:46:52 ----HDC---- C:\WINNT\$NtUninstallKB960225$
2009-05-29 16:45:17 ----HDC---- C:\WINNT\$NtUninstallKB961064$
2009-05-29 16:44:03 ----HDC---- C:\WINNT\$NtUninstallKB961063$
2009-05-29 16:43:02 ----HDC---- C:\WINNT\$NtUninstallKB960715$
2009-05-29 16:41:45 ----HDC---- C:\WINNT\$NtUninstallKB958687$
2009-05-28 02:44:51 ----A---- C:\WINNT\system32\config.bak
2009-05-28 02:44:51 ----A---- C:\WINNT\system32\autoexec.bak
2009-05-28 02:44:51 ----A---- C:\WINNT\sc.exe
2009-05-28 02:41:27 ----D---- C:\AV-CLS
2009-05-27 16:06:36 ----D---- C:\Program Files\Tame
2009-05-27 15:28:18 ----HD---- C:\WINNT\PIF
2009-05-27 13:56:26 ----A---- C:\WINNT\WININIT.INI
2009-05-26 11:49:33 ----D---- C:\WINNT\pss
2009-05-25 08:49:09 ----A---- C:\WINNT\alaredun.ini
2009-05-21 13:13:01 ----D---- C:\Program Files\Trend Micro

======List of files/folders modified in the last 1 months======

2009-05-31 02:33:33 ----D---- C:\WINNT\system32
2009-05-31 01:54:24 ----SD---- C:\WINNT\Tasks
2009-05-31 01:46:10 ----AD---- C:\WINNT
2009-05-31 01:44:45 ----A---- C:\WINNT\ALAMODE.INI
2009-05-31 00:23:49 ----D---- C:\WINNT\system32\inetsrv
2009-05-31 00:23:49 ----D---- C:\WINNT\Debug
2009-05-31 00:21:55 ----D---- C:\WINNT\system32\wins
2009-05-31 00:20:11 ----SHD---- C:\WINNT\CSC
2009-05-31 00:18:25 ----D---- C:\WINNT\NTDS
2009-05-30 18:45:26 ----A---- C:\WINNT\ntbtlog.txt
2009-05-30 12:12:37 ----D---- C:\WINNT\system32\NtmsData
2009-05-30 12:01:59 ----D---- C:\WINNT\security
2009-05-29 22:53:49 ----SHD---- C:\WINNT\Installer
2009-05-29 22:53:30 ----RAD---- C:\Program Files
2009-05-29 22:52:10 ----AD---- C:\Program Files\Common Files
2009-05-29 18:52:06 ----D---- C:\Dell
2009-05-29 17:54:48 ----D---- C:\WINNT\system32\config
2009-05-29 17:09:15 ----D---- C:\WINNT\Temp
2009-05-29 17:06:13 ----RSHDC---- C:\WINNT\system32\dllcache
2009-05-29 17:06:13 ----AD---- C:\WINNT\AppPatch
2009-05-29 16:56:13 ----HD---- C:\WINNT\inf
2009-05-29 16:56:04 ----A---- C:\WINNT\imsins.BAK
2009-05-29 16:44:15 ----D---- C:\WINNT\system32\drivers
2009-05-29 16:41:08 ----D---- C:\WINNT\system32\netmon
2009-05-29 16:40:57 ----A---- C:\WINNT\updcustom.dll.log
2009-05-29 16:40:40 ----D---- C:\WINNT\msiinst.tmp
2009-05-28 14:38:28 ----A---- C:\WINNT\SchedLgU.Txt
2009-05-28 12:07:54 ----A---- C:\WINNT\system32\signal.txt
2009-05-28 02:30:45 ----D---- C:\temp
2009-05-28 02:16:02 ----AD---- C:\WINNT\system32\dns
2009-05-27 22:58:33 ----A---- C:\WINNT\TECHHELP5.INI
2009-05-27 12:21:07 ----D---- C:\WINNT\SoftwareDistribution
2009-05-27 08:50:54 ----D---- C:\WINNT\Help
2009-05-27 02:05:30 ----A---- C:\WINNT\system32\dnsmgmt.msc
2009-05-26 14:24:08 ----A---- C:\WINNT\system32\dssite.msc
2009-05-26 14:23:57 ----A---- C:\WINNT\system32\dsa.msc
2009-05-25 12:37:35 ----A---- C:\WINNT\MercuryWT.ini
2009-05-25 09:37:17 ----DC---- C:\WINNT\system32\DRVSTORE
2009-05-25 09:36:32 ----AD---- C:\Program Files\MozyPro
2009-05-25 08:50:51 ----A---- C:\WINNT\mercury.ini
2009-05-21 09:46:52 ----D---- C:\Documents and Settings\Scott\Application Data\U3
2009-05-21 00:54:02 ----A---- C:\WINNT\system32\rrasmgmt.msc
2009-05-21 00:51:24 ----D---- C:\WINNT\system32\ias
2009-05-20 16:05:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-07 00:16:30 ----A---- C:\WINNT\system32\MRT.exe
2009-05-05 16:20:56 ----A---- C:\WINNT\system32\wtapi.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ASPI32;ASPI32; C:\WINNT\system32\drivers\ASPI32.sys [2002-09-06 25244]
R1 kbdhid;Keyboard HID Driver; C:\WINNT\System32\DRIVERS\kbdhid.sys [1999-10-04 13744]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 dcesm;dcesm; C:\WINNT\System32\drivers\dcesm.sys [2003-04-14 68028]
R2 DgiVecp;Team MFP Comm Driver; C:\WINNT\System32\Drivers\DgiVecp.sys [2001-03-05 40448]
R2 HidUsb;Microsoft HID Class Driver; C:\WINNT\System32\DRIVERS\hidusb.sys [1999-10-04 13904]
R2 ousbehci;NEC PCI to USB Enhanced Host Controller; C:\WINNT\System32\Drivers\ousbehci.sys [2003-04-01 40320]
R2 tmcomm;tmcomm; \??\C:\WINNT\system32\drivers\tmcomm.sys []
R3 ati2mpad;ati2mpad; C:\WINNT\System32\DRIVERS\ati2mpad.sys [2001-12-21 323793]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINNT\System32\DRIVERS\e1000nt5.sys [2002-06-19 103680]
R3 mouhid;Mouse HID Driver; C:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
R3 openhci;Microsoft USB Open Host Controller Driver; C:\WINNT\System32\DRIVERS\openhci.sys [2003-06-19 24784]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support; C:\WINNT\System32\DRIVERS\ousb2hub.sys [2003-04-01 54784]
R3 spud;Special Purpose Utility Driver; C:\WINNT\System32\drivers\spud.sys [1999-12-07 12336]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]
R3 USBSTOR;USB Mass Storage Driver; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
S1 SCSIChanger;SCSIChanger; C:\WINNT\System32\drivers\scsichng.sys [2000-07-12 10112]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINNT\system32\drivers\mbamswissarmy.sys []
S3 NaiFiltr;NaiFiltr; \??\C:\Program Files\Network Associates\NetShield 2000\NaiFiltr.sys []
S3 PCDRDRV;Pcdr Helper Driver; \??\C:\PROGRA~1\Dell\OPENMA~1\oldiags\vendor\pcdoctor\modules\PCDRDRV.sys []
S3 PcdrNt;PcdrNt; C:\WINNT\System32\drivers\PcdrNt.sys [2003-06-25 44192]
S3 PDCOMP;PDCOMP; C:\WINNT\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINNT\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINNT\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINNT\system32\drivers\PDRFRAME.sys []
S3 PPDrv;Protector Plus Driver (UnRegistered); \??\C:\Protector Plus\PPDrv.sys []
S3 PPEMSCAN;Protector Plus Email Scan Driver; \??\C:\Protector Plus\PPEMSCAN.sys []
S3 RDPWD;RDPWD; C:\WINNT\system32\drivers\RDPWD.sys [2005-06-29 90296]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 TDASYNC;TDASYNC; C:\WINNT\system32\drivers\TDASYNC.sys [2003-06-19 12664]
S3 TDIPX;TDIPX; C:\WINNT\system32\drivers\TDIPX.sys [2003-06-19 20760]
S3 TDNETB;TDNETB; C:\WINNT\system32\drivers\TDNETB.sys [2003-06-19 18392]
S3 TDPIPE;TDPIPE; C:\WINNT\system32\drivers\TDPIPE.sys [2003-06-19 10552]
S3 TDSPX;TDSPX; C:\WINNT\system32\drivers\TDSPX.sys [2003-06-19 18264]
S3 TDTCP;TDTCP; C:\WINNT\system32\drivers\TDTCP.sys [2003-06-19 19032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
S3 WDICA;WDICA; C:\WINNT\system32\drivers\WDICA.sys []
S4 dmio;Logical Disk Manager Driver; C:\WINNT\System32\drivers\dmio.sys [2003-06-19 137936]
S4 dmload;dmload; C:\WINNT\System32\drivers\dmload.sys [2003-06-19 7312]
S4 IntelIde;IntelIde; C:\WINNT\system32\drivers\IntelIde.sys []
S4 TermDD;Terminal Device Driver; C:\WINNT\System32\drivers\termdd.sys [2003-06-19 35832]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AlertManager;Network Associates Alert Manager; C:\Program Files\Common Files\Network Associates\Alert Manager\amgrsrvc.exe [2000-02-10 126993]
R2 dcevt32;Dell OpenManage Server Agent Event Monitor; C:\Program Files\Dell\OpenManage\OMSA\bin\dcevt32.exe [2003-04-14 90112]
R2 dcstor32;Dell OpenManage Server Agent; C:\Program Files\Dell\OpenManage\OMSA\bin\dcstor32.exe [2003-04-14 65536]
R2 Dfs;Distributed File System; C:\WINNT\system32\Dfssvc.exe [2003-06-19 90896]
R2 DNS;DNS Server; C:\WINNT\System32\dns.exe [2009-02-13 335120]
R2 HidServ;HID Input Service; C:\WINNT\system32\hidserv.exe [2003-06-19 19728]
R2 IISADMIN;IIS Admin Service; C:\WINNT\System32\inetsrv\inetinfo.exe [2003-06-19 14608]
R2 IsmServ;Intersite Messaging; C:\WINNT\System32\ismserv.exe [2003-06-19 25872]
R2 kdc;Kerberos Key Distribution Center; C:\WINNT\System32\lsass.exe [2004-12-19 33552]
R2 LicenseService;License Logging Service; C:\WINNT\System32\llssrv.exe [2005-01-13 85264]
R2 mr2kserv;mr2kserv; C:\Program Files\Dell\OpenManage\Array Manager\mr2kserv.exe [2002-09-06 57344]
R2 MSSQL$ALAMODE;MSSQL$ALAMODE; C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlservr.exe [2005-05-04 9150464]
R2 NtFrs;File Replication Service; C:\WINNT\system32\ntfrs.exe [2003-06-19 745232]
R2 Server Administrator;Secure Port Server; C:\Program Files\Dell\OpenManage\iws\bin\win32\omaws32.exe [2003-06-25 36864]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINNT\System32\inetsrv\inetinfo.exe [2003-06-19 14608]
R2 SNMP;SNMP Service; C:\WINNT\System32\snmp.exe [2006-10-10 30480]
R2 SQLAgent$ALAMODE;SQLAgent$ALAMODE; C:\Program Files\Microsoft SQL Server\MSSQL$ALAMODE\Binn\sqlagent.EXE [2005-05-03 323584]
R2 TermService;Terminal Services; C:\WINNT\System32\termsrv.exe [2003-06-19 142608]
R2 TrkSvr;Distributed Link Tracking Server; C:\WINNT\system32\services.exe [2005-04-08 92944]
R2 VxSvc;Disk Management Service; C:\Program Files\Dell\OpenManage\Array Manager\VxSvc.exe [2003-02-04 49936]
R2 W3SVC;World Wide Web Publishing Service; C:\WINNT\System32\inetsrv\inetinfo.exe [2003-06-19 14608]
R2 WINS;Windows Internet Name Service (WINS); C:\WINNT\System32\wins.exe [2009-01-09 149776]
S2 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S2 BackupExecAgentBrowser;Backup Exec 8.x Agent Browser; C:\Program Files\VERITAS\Backup Exec\NT\benetns.exe [2001-10-16 22577]
S2 BackupExecAlertServer;Backup Exec 8.x Alert Server; C:\Program Files\VERITAS\Backup Exec\NT\alertServer.exe [2001-10-16 343605]
S2 BackupExecDeviceMediaService;Backup Exec 8.x Device & Media Service; C:\Program Files\VERITAS\Backup Exec\NT\pvlsvr.exe [2001-10-16 615984]
S2 BackupExecJobEngine;Backup Exec 8.x Job Engine; C:\Program Files\VERITAS\Backup Exec\NT\bengine.exe [2001-10-16 964657]
S2 BackupExecNamingService;Backup Exec 8.x Naming Service; C:\Program Files\VERITAS\Backup Exec\NT\benser.exe [2001-10-16 54320]
S2 BackupExecNotificationServer;Backup Exec 8.x Notification Server; C:\Program Files\VERITAS\Backup Exec\NT\nsvr.exe [2001-10-16 137262]
S2 BackupExecRPCService;Backup Exec 8.x Server; C:\Program Files\VERITAS\Backup Exec\NT\beserver.exe [2001-10-16 561202]
S2 McShield;Network Associates McShield; C:\Program Files\Network Associates\NetShield 2000\Mcshield.exe [2000-02-15 221261]
S2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\NetShield 2000\VsTskMgr.exe [2000-02-15 81994]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-07 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 SNMPTRAP;SNMP Trap Service; C:\WINNT\System32\snmptrap.exe [2003-06-19 7952]

-----------------EOF-----------------
scottp
Active Member
 
Posts: 13
Joined: April 15th, 2007, 2:32 pm
Location: Santa Ana, CA
Advertisement
Register to Remove

Re: Windows 2000 Server cpu 100%

Unread postby NonSuch » June 1st, 2009, 2:30 am

In order for someone to analyze your HijackThis log, you must post the entire log, first line through last. The HijackThis log you have posted shows only the running processes. The entire lower section of the log is missing, which includes vital information about your computer. You will need to provide us with a complete HijackThis log before we can help you. Please follow the guideline at the link below to start a new topic and post your HijackThis log. Post the HijackThis log only. The helper who assists you may ask you to use additional tools to run scans and post logs from those scans as well. However, to begin with, just post your HijackThis log.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware