Indian Gunner

syscache.exe and cfcdrive.exe problem

Hello,

I'm using the free version of SUPERAntiSpyware on my computer (Windows XP). I'm facing a serious problem on my PC. When I run a scan on my computer, a lot of spyware is detected and even after I remove them and scan my PC again after a day, a lot of spyware is detected again. In my task manager under processes, these files named syscache.exe and cfcdrive.exe show up after every reboot even after I manually delete them and run the SUPERAntiSpyware scan. They fluctuate my CPU usage and slow down my PC. Why can't I get rid of them once and for all even after using SUPERAntiSpyware?

Please help.

Would you please post your latest SAS scan log.

Also, are you running the latest version of SAS free which is V4.41.1000? If not, you should upgrade to the latest version and be sure that your core/trace definitions are up-to-date for SAS detections. Then reboot your computer into SAFE MODE, run a complete scan with SAS and let it quarantine what it finds. Then boot back into normal mode and post the SAS scan log.

hi,

I'm running the latest version of SAS... I quick scan my PC every day and each day a lot of spyware is detected on my computer. In my task manager, syscache.exe is no longer seen but cfcdrive.exe and msvmoide.exe are detected regularly, which slow down my computer (internet in particular)... Even after I reboot my PC just after the scan to remove all the spyware, as soon as I check the task manager after reboot I still find cfcdrive.exe and msvmoide.exe. My internet connects only after I delete these two manually from the task manager... I'm very worried.

Here is the scan log of my last scan...

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 08/28/2010 at 02:23 PM

Application Version : 4.42.1000

Core Rules Database Version : 5395

Trace Rules Database Version: 3207

Scan type : Quick Scan

Total Scan Time : 00:23:02

Memory items scanned : 451

Memory threats detected : 0

Registry items scanned : 1396

Registry threats detected : 9

File items scanned : 22966

File threats detected : 50

Trojan.Dropper/Win-NV

[Microsoft Driver Setup] C:\WINDOWS\CFDRIVE32.EXE

C:\WINDOWS\CFDRIVE32.EXE

[Microsoft Driver Setup] C:\WINDOWS\CFDRIVE32.EXE

Trojan.Agent/Gen-FakeAV

[MSODESNV7] C:\WINDOWS\SYSTEM32\MSVMIODE.EXE

C:\WINDOWS\SYSTEM32\MSVMIODE.EXE

Adware.Tracking Cookie

Trojan.Agent/Gen

HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Microsoft Driver Setup [ C:\WINDOWS\cfdrive32.exe ]

Malware.Trace

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon#Taskman [ C:\Documents and Settings\Winxp\Application Data\ltzqai.exe ]

HKU\S-1-5-21-1220945662-1757981266-725345543-1003\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Disabled.SecurityCenterOption

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY

HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Trojan.Agent/Gen-Tres[Drop]

C:\DOCUMENTS AND SETTINGS\WINXP\LOCAL SETTINGS\TEMP\081.EXE

Any help would be greatly appreciated.