
Thread: Detection with NOTHING done . .

  1. #11
    Senior Member LoneLurker's Avatar
    Join Date
    Nov 2005
    Location
    Texas, USofA
    Posts
    109

    Default UpDate . . .

    Zenobia,

    Thank you for that link to the Screen Display of what you were requesting, from within SBS&D for those StartUp files. Some have been Disabled because it takes too long for them to do their thingy, like RegProt - 3 - 4 minutes for each notice of activity within the registry file? Too long for me.

    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-01-26 TeaTimer.exe (1.6.4.26)
    2009-02-14 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-01-26 advcheck.dll (1.6.2.15)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2009-01-22 Includes\Adware.sbi
    2009-01-22 Includes\AdwareC.sbi
    2009-01-22 Includes\Cookies.sbi
    2009-01-06 Includes\Dialer.sbi
    2009-01-22 Includes\DialerC.sbi
    2009-01-22 Includes\HeavyDuty.sbi
    2009-02-10 Includes\Hijackers.sbi
    2009-02-10 Includes\HijackersC.sbi
    2008-12-09 Includes\Keyloggers.sbi
    2009-02-03 Includes\KeyloggersC.sbi
    2004-11-29 Includes\LSP.sbi
    2008-11-18 Includes\Malware.sbi
    2009-02-10 Includes\MalwareC.sbi
    2008-12-16 Includes\PUPS.sbi
    2009-02-10 Includes\PUPSC.sbi
    2009-01-22 Includes\Revision.sbi
    2009-01-13 Includes\Security.sbi
    2009-02-10 Includes\SecurityC.sbi
    2008-06-03 Includes\Spybots.sbi
    2008-06-03 Includes\SpybotsC.sbi
    2009-01-28 Includes\Spyware.sbi
    2009-01-28 Includes\SpywareC.sbi
    2008-06-03 Includes\Tracks.uti
    2009-02-03 Includes\Trojans.sbi
    2009-02-10 Includes\TrojansC.sbi
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

    Located: HK_LM:Run, !AAVNT
    command: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    file: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    size: 266497
    MD5: 6E812818306D460D62B4ABEA9FDC6679

    Located: HK_LM:Run, Adobe Reader Speed Launcher
    command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    size: 34672
    MD5: 69B16C7B7746BA5C642FC05B3561FC73

    Located: HK_LM:Run, COMODO Internet Security
    command: "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    file: C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    size: 1850600
    MD5: 7AF5C50EC3BFC9EE41B46067A1A76C9A

    Located: HK_LM:Run, DellSupportCenter
    command: "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    file: C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    size: 206064
    MD5: 3917664C26B4344768C288BBA6FEFCB6

    Located: HK_LM:Run, ISUSPM Startup
    command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    file: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
    size: 221184
    MD5: 9ABF687071C649609BF7E177062A9008

    Located: HK_LM:Run, ISUSScheduler
    command: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    file: C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    size: 81920
    MD5: FF3BF05021BFECC92DB81B8257EEB026

    Located: HK_LM:Run, NvMediaCenter
    command: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    file: C:\Windows\system32\NvMcTray.dll
    size: 92704
    MD5: C1E17F8DF7524B454E57A0C887307403

    Located: HK_LM:Run, RtHDVCpl
    command: RtHDVCpl.exe
    file: C:\Windows\RtHDVCpl.exe
    size: 4907008
    MD5: B503285B5D1CAC5AE445D60C690DCFF9

    Located: HK_LM:Run, SANSISC
    command: C:\Users\Native\AppData\Roaming\ProgyFiles\ISCSANS\ISCAlert.exe
    file: C:\Users\Native\AppData\Roaming\ProgyFiles\ISCSANS\ISCAlert.exe
    size: 6656
    MD5: 74F1EE31E1B4F3297E767DA5666C2489

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_LM:Run, !Adobe Reader Speed Launcher (DISABLED)
    command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    size: 34672
    MD5: 69B16C7B7746BA5C642FC05B3561FC73

    Located: HK_LM:Run, !DLD (DISABLED)
    command: "C:\Program Files\Digital Line Detect\DLG.exe"
    file: C:\Program Files\Digital Line Detect\DLG.exe
    size: 50688
    MD5: F03FFC962E18F36A922E61F96BE09925

    Located: HK_LM:Run, !RegProt (DISABLED)
    command: C:\Users\Native\AppData\Roaming\ProgyFiles\DCS\RegProt\RegProt.exe
    file: C:\Users\Native\AppData\Roaming\ProgyFiles\DCS\RegProt\RegProt.exe
    size: 19614
    MD5: BED2D3E8C8C15D657601D3F95B564AF5

    Located: HK_LM:Run, NvCplDaemon (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    file: C:\Windows\system32\NvCpl.dll
    size: 13535776
    MD5: 7522597DD61F651A95A471D798E08304

    Located: HK_LM:Run, NvSvc (DISABLED)
    command: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    file: C:\Windows\system32\nvsvc.dll
    size: 526880
    MD5: B88B306A3DD3B470A8747B15B7C00703

    Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
    command: "C:\Program Files\Java\jre6\bin\jusched.exe"
    file: C:\Program Files\Java\jre6\bin\jusched.exe
    size: 136600
    MD5: B98FFA8288EFAABC436C30D198608345

    Located: HK_CU:Run, Sidebar (DISABLED)
    where: S-1-5-19...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter (DISABLED)
    where: S-1-5-19...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, Sidebar (DISABLED)
    where: S-1-5-20...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, ccleaner
    where: S-1-5-21-625065069-3971630813-3076134940-1000...
    command: "C:\Users\Native\AppData\Roaming\CrpClnr\CCleaner\CCleaner.exe" /AUTO
    file: C:\Users\Native\AppData\Roaming\CrpClnr\CCleaner\CCleaner.exe
    size: 1451248
    MD5: A54FC834E6FC5FF1094CBD4FF78EF279

    Located: HK_CU:Run, DellSupport
    where: S-1-5-21-625065069-3971630813-3076134940-1000...
    command: "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    file: C:\Program Files\DellSupport\DSAgnt.exe
    size: 460784
    MD5: B75FDBF14073D72C50624CC8338DD534

    Located: HK_CU:Run, !SBS&DTeaTimer (DISABLED)
    where: S-1-5-21-625065069-3971630813-3076134940-1000...
    command: C:\Program Files\SaferNetWork\SBS&D\TeaTimer.exe
    file: C:\Program Files\SaferNetWork\SBS&D\TeaTimer.exe
    size: 2144088
    MD5: 896A1DB9A972AD2339C2E8569EC926D1

    Located: HK_CU:Run, WindowsWelcomeCenter (DISABLED)
    where: S-1-5-21-625065069-3971630813-3076134940-1000...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: Startup (user), OpenOffice.org 3.0.lnk (DISABLED)
    where: C:\Users\Native\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup...
    command: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    file: C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    size: 384000
    MD5: 9C8D9866C818AC54B71BE86B3193A1A3
    LoneLurker"LoneWanderer""Adults are obsolete children. Dr. Seuss
    Win7 Pro SP1 x64;FireFox V. current: SBS&D V. current; WinPatrol, WinPrivacy, WinAntiRansom

  2. #12
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,489

    Default

    Sorry for taking so long to get back to you.
    You don't seem to have too many startup programs, that it would cause that much slowness.
    Please be extremely careful running in safe mode with networking, this leaves you unprotected, as most firewalls, antivirus, do not run on startup in safe mode. If you have access to another computer, I'd suggest that you use it for the internet, until you are able to get your Vista up and running better.

    Are you able to run your antivirus while in safe mode, and is it detecting anything? Also, Spybot isn't finding anything other than Spywareinfo.TrafficZ, is it?

    Did you have any luck running the Performance Information and Tools in normal mode whilst offline?

  3. #13
    Senior Member LoneLurker's Avatar
    Join Date
    Nov 2005
    Location
    Texas, USofA
    Posts
    109

    Default Somewhat normal again, so far.

    Quote Originally Posted by Zenobia View Post
    Sorry for taking so long to get back to you.
    You don't seem to have too many startup programs, that it would cause that much slowness.
    Please be extremely careful running in safe mode with networking, this leaves you unprotected, as most firewalls, antivirus, do not run on startup in safe mode. If you have access to another computer, I'd suggest that you use it for the internet, until you are able to get your Vista up and running better.

    Are you able to run your antivirus while in safe mode, and is it detecting anything? Also, Spybot isn't finding anything other than Spywareinfo.TrafficZ, is it?

    Did you have any luck running the Performance Information and Tools in normal mode whilst offline?
    Zenobia,

    NOT a problem for me, as I have not been able to be on here as often as I would like or need to be. Yes, you are correct most will not and firewalls are not usable either. Windows Firewall will and I did use it. I do not remember where, maybe Wilders Security Forums is where I found some links to some spyware software and downloaded them, two (2) that were recommended by one of their frequent posters.

    While within the Safe Mode downloaded "MalwareBytes' - Anti-Malware" and "Super Anti-Spyware." The first one would not load in 'Safe Mode ComdLine Admin,' the second one did and I ran it and it found three (3) places for 'Trojan.Dropper/Gen' and quarantined them and a box came up that told me I needed to reboot my system because of that install. I did and ran "SUPER ANTI-MALWARE" again and found four (4) more locations for the same trojan. Booted up in normal mode and had to activate my AntiVirus program and Comodo Internet Security program plus their AntiVirus software that is included which I ran and it found several other viruses, 'Heur.Packed.Unknown,' 'Heur.Pck.Crypto,' and 'TrojWare.Bat.ExitWindows.C@8232' and they have all been safely quarantined and removed. SpybotS&D is only finding the non-worrisome tracks, history, cookies, et ceteras. My system seems to be doing at least 99.98% better, leaving room for improvement.

    Could not find "Performance Information and Tools" (without quotes) until this evening while preparing to create this long winded reply. That is in CPL and will see what that has to do with anything after posting this.

    You have been a GREAT HELP in this venture. I have come out of this with a better understanding and maybe, this part is a little scary, a little SMARTER in how to keep my system in better shape.

    Thank you for being there and giving some GOOD advice, C U L8R,

  4. #14
    Senior Member LoneLurker's Avatar
    Join Date
    Nov 2005
    Location
    Texas, USofA
    Posts
    109

    Default Performance Information & Tools

    Zenobia,

    Not sure what you are looking for, there were several thingys listed.

    The following is a brief note:

    /w yellow triangle "Adjust visual settings to improve performance"

    /w yellow triangle "These startup programs are causing Windows to start slowly

    Name: Spybot - Search & Destroy
    Filename: SpybotSD.exe
    Publisher: Safer networking Limited
    Date reported: Wed Dec, 2008 12:10 PM
    Time taken: 54.4 seconds

    Name: Unknown
    Filename: cmdagent.exe
    Publisher: Unkown
    Date reported: Sun Nov 2, 2008 3:26 PM
    Time taken: 30.6 seconds


    Name: Unknown
    Filename: cmdagent.exe
    Publisher: Unkown
    Date reported: Sat Jan 31, 2009 4:24 PM
    Time taken: 30.6 seconds"

    I have been attempting to HELP with their determinations of problems, guess that will be removed, at least until the BETA testing is done.

    Thank you for asking and alerting me to more information than I ever wanted and do need.

    By-cycle,

  5. #15
    Spybot Advisor Team Zenobia's Avatar
    Join Date
    Oct 2005
    Posts
    5,489

    Default

    Name: Unknown
    Filename: cmdagent.exe
    Publisher: Unkown
    Date reported: Sun Nov 2, 2008 3:26 PM
    Time taken: 30.6 seconds
    http://www.bleepingcomputer.com/star...exe-17088.html
    Status is listed as required.

    I can't find any info on this at all: TrojWare.Bat.ExitWindows.C@8232 or even TrojWare.Bat.ExitWindows.
    Is that exactly how it's spelled?

    Booted up in normal mode and had to activate my AntiVirus program and Comodo Internet Security program plus their AntiVirus software that is included which I ran
    I see startup entries for both in your startup log, do you mean you had to start them manually, they would not run automatically for background scanning, or did you mean you activated them to do a scan?

    On a side note, if both antivirus programs normally run on start-up (AntiVir's guard component plus Comodo's), then one should be disabled, but I'll address that after you answer the above question.
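
The check raised in post #15, whether both antivirus products have enabled startup entries in the log from post #11, can be run mechanically over that report format. This is an added example, not part of the original thread and not Spybot's own code; the function names and the vendor directory list are assumptions, and the sample is a four-entry excerpt of that log with the size and MD5 lines omitted.

```python
import re

# Excerpt of the startup log in post #11 (size and MD5 lines omitted).
SAMPLE = r'''
Located: HK_LM:Run, !AAVNT
command: "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
file: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

Located: HK_LM:Run, COMODO Internet Security
command: "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
file: C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

Located: HK_LM:Run, !RegProt (DISABLED)
command: C:\Users\Native\AppData\Roaming\ProgyFiles\DCS\RegProt\RegProt.exe
file: C:\Users\Native\AppData\Roaming\ProgyFiles\DCS\RegProt\RegProt.exe

Located: HK_CU:Run, !SBS&DTeaTimer (DISABLED)
where: S-1-5-21-625065069-3971630813-3076134940-1000...
command: C:\Program Files\SaferNetWork\SBS&D\TeaTimer.exe
file: C:\Program Files\SaferNetWork\SBS&D\TeaTimer.exe
'''

def parse_startup_log(text):
    """Split the report into one dict per 'Located:' entry."""
    entries, cur = [], None
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r'Located:\s*(.+?),\s*(.+)$', line)
        if m:
            name = m.group(2)
            disabled = name.endswith('(DISABLED)')
            if disabled:
                name = name[:-len('(DISABLED)')].rstrip()
            cur = {'location': m.group(1), 'name': name, 'enabled': not disabled}
            entries.append(cur)
        elif cur is not None and ':' in line:
            # Split on the first colon only, so drive letters stay in the value.
            key, value = line.split(':', 1)
            cur[key.strip().lower()] = value.strip()
    return entries

def enabled_matching(entries, vendors):
    """Names of enabled entries whose file path has a vendor directory (assumed list)."""
    return [e['name'] for e in entries
            if e['enabled'] and any('\\' + v.lower() + '\\' in e.get('file', '').lower()
                                    for v in vendors)]

if __name__ == '__main__':
    print(enabled_matching(parse_startup_log(SAMPLE), ['Avira', 'COMODO']))
```

Two names in the result means both products are set to launch at logon, which is the situation post #15 says should be resolved by disabling one.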
