Start Up Error

When i start up my pc i get this message:

Windows cannot find 'SSVICHOSST.exe'. Make sure you typed the name corrctly, and then try again. To search for a file, click the Start button and then click search.

What to do?

This is part of a flash drive infection.

• Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
  Link 1
  Link 2
  Link 3
  
• Double click DDS.scr to run
  
• When complete, DDS.txt will open.
  
• Save the report to your Desktop.
  
• Copy and paste DDS.txt back here, I don't need to see attach.txt.
  

DDS (Ver_09-02-01.01) - NTFSx86
Run by Sir $wat at 16:22:15.73 on Sat 03/07/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.416 [GMT -8:00]

AV: Internet Security Anti-Virus *On-access scanning disabled* (Updated)
FW: Internet Security Firewall *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Browser Defender\BDTUpdateService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\RTHDCPL.EXE
C:\program files\relevantknowledge\rlvknlg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\International Cricket Captain 2008\Cricket.exe
C:\Documents and Settings\Sir $wat\Desktop\dds.scr

============== Pseudo HJT Report ===============

mWinlogon: Shell=Explorer.exe SSVICHOSST.exe
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Browser Defender Toolbar: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\browser defender\PCTBrowserDefender.dll
TB: Browser Defender Toolbar: {23b0d39a-e245-41b7-bf86-1238cf62625e} - c:\program files\browser defender\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {23B0D39A-E245-41B7-BF86-1238CF62625E}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: {4A260BB3-EAE3-40C9-A254-7E0C4C77F8F1} = 190.80.16.3 190.80.16.4
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sir$wa~1\applic~1\mozilla\firefox\profiles\kfi70utn.default\
FF - component: c:\documents and settings\sir $wat\application data\idm\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\documents and settings\sir $wat\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-4 130424]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009-3-4 51520]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009-3-4 38208]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2008-12-11 13696]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-3-4 159600]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\browser defender\BDTUpdateService.exe [2009-3-4 108416]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2008-12-11 8849]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-3-4 73840]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2008-12-15 603904]
S3 ICAM3NT5;Intel USB Video Camera III;c:\windows\system32\drivers\Icam3.sys [2009-2-13 141056]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-3-4 95656]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-3-4 64424]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools internet security\pctsAuxs.exe [2009-3-4 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\pc tools internet security\pctsSvc.exe [2009-3-4 1095592]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009-3-4 33088]
S3 ThreatFire;ThreatFire;c:\program files\pc tools internet security\tfengine\tfservice.exe service --> c:\program files\pc tools internet security\tfengine\TFService.exe service [?]

=============== Created Last 30 ================

2009-03-07 15:44 939,368 a------- c:\windows\system32\flash.ocx
2009-03-07 15:44 608,448 a------- c:\windows\system32\comctl32.ocx
2009-03-07 15:44 253,952 a------- c:\windows\system32\histogram.ocx
2009-03-07 15:44 647,872 a------- c:\windows\system32\MSCOMCT2.OCX
2009-03-07 15:44 389,120 a------- c:\windows\system32\actskn43.ocx
2009-03-07 15:44 344,064 a------- c:\windows\system32\Msvcr70.dll
2009-03-07 15:44 188,416 a------- c:\windows\system32\actsplash.ocx
2009-03-07 15:44 101,888 a------- c:\windows\system32\VB6STKIT.DLL
2009-03-07 15:44 --d----- c:\program files\SoftwareClub.ws
2009-03-07 15:44 --d----- c:\program files\RelevantKnowledge
2009-03-06 23:08 0 a--shr-- c:\windows\system32\setting.ini
2009-03-04 21:03 --d----- c:\docume~1\sir$wa~1\applic~1\PCToolsSpamMonitorPlus
2009-03-04 21:03 --d----- c:\docume~1\sir$wa~1\applic~1\PCToolsFirewallPlus
2009-03-04 21:00 1,591,168 a------- c:\windows\PCTBDCore.dll
2009-03-04 21:00 716,800 a------- c:\windows\BDTSupport.dll
2009-03-04 21:00 157,568 a------- c:\windows\PCTBDRes.dll
2009-03-04 21:00 143,360 a------- c:\windows\SGDetectionTool.dll
2009-03-04 21:00 315 a------- c:\windows\UDB.zip
2009-03-04 21:00 131 a------- c:\windows\IDB.zip
2009-03-04 21:00 --d----- c:\program files\Browser Defender
2009-03-04 21:00 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-04 21:00 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-04 21:00 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-04 20:59 51,520 a------- c:\windows\system32\drivers\TfFsMon.sys
2009-03-04 20:59 38,208 a------- c:\windows\system32\drivers\TfSysMon.sys
2009-03-04 20:59 33,088 a------- c:\windows\system32\drivers\TfNetMon.sys
2009-03-04 20:59 12,608 a------- c:\windows\system32\drivers\TfKbMon.sys
2009-03-04 20:59 97,408 a------- c:\windows\system32\drivers\pctfw.sys
2009-03-04 20:59 95,656 a------- c:\windows\system32\drivers\pctplfw.sys
2009-03-04 20:59 64,424 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-04 20:59 --d----- c:\program files\common files\PC Tools
2009-03-04 20:59 --d----- c:\program files\PC Tools Internet Security
2009-03-04 20:59 --d----- c:\docume~1\sir$wa~1\applic~1\PC Tools
2009-03-04 20:59 --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-02-28 15:59 --d----- c:\docume~1\sir$wa~1\applic~1\LimeWire
2009-02-28 15:59 --d----- c:\program files\LimeWire
2009-02-28 11:50 --d-h--- c:\windows\PIF
2009-02-25 23:43 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-02-25 23:43 26,112 a------- c:\windows\system32\drivers\usbser.sys
2009-02-13 22:11 26,624 ac------ c:\windows\system32\dllcache\icam3ext.dll
2009-02-13 22:11 26,624 a------- c:\windows\system32\Icam3EXT.dll
2009-02-13 22:11 141,056 ac------ c:\windows\system32\dllcache\icam3.sys
2009-02-13 22:11 141,056 a------- c:\windows\system32\drivers\Icam3.sys

==================== Find3M ====================

2009-01-22 14:47 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-22 06:49 206,256 a------- c:\windows\system32\idmmbc.dll
2009-01-17 14:45 4,096 a------- c:\windows\system32\drivers\nocashio.sys
2008-12-19 23:32 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-18 16:04 98,304 a------- c:\windows\system32\CmdLineExt.dll
2008-12-15 23:35 603,904 a------- c:\windows\system32\TUProgSt.exe
2008-12-15 23:35 362,240 a------- c:\windows\system32\TuneUpDefragService.exe
2008-12-14 11:39 65,536 a------- c:\windows\IFinst27.exe
2008-12-11 23:44 122,717 a------- c:\windows\HPHins11.dat
2008-12-11 20:58 315,392 a------- c:\windows\HideWin.exe
2008-12-11 19:07 21,640 a------- c:\windows\system32\emptyregdb.dat

============= FINISH: 16:23:10.81 ===============

Hello.
Do you have Hijack This on this machine sir?
I want to see what's installed.

• Open HijackThis
  
• Click "Open the Misc Tools section"
  
• Click "Open Uninstall Manager"
  
• Click "Save List..." (generates uninstall_list.txt)
  
• Click Save, copy and paste the results in your next post.
  

7-Zip 4.62
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 8.1.0
Adobe Shockwave Player
Age of Empires III
Agere Systems PCI Soft Modem
Browser Defender 2.0.6.3
CCleaner (remove only)
CCScore
Cricket Captain 2008
EA SPORTS(TM) Cricket 07
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
fflink
FIFA 08
GTA San Andreas
HijackThis 2.0.2
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Essential
HP Software Update
HP Solution Center 7.0
ImageMixer VCD/DVD2 for OLYMPUS
Internet Download Manager
Java(TM) 6 Update 11
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
K-Lite Codec Pack 4.3.1 (Standard)
Kodak EasyShare software
LimeWire 5.0.11
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.1b2)
MSXML 4.0 SP2 (KB954430)
Need for Speed Underground 2
Nero 7 Essentials
netbrdg
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
OfotoXMI
OLYMPUS Master
PC Tools Internet Security 2009
Quake 4(TM)
QuickTime
REALTEK GbE & FE Ethernet PCI NIC Driver
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RelevantKnowledge
Rtl8180
SC Net Speed Booster 4.5.0.2
Security Update for Windows XP (KB923789)
SFR
SHASTA
skin0001
SKINXSDK
Smart Defrag 1.03
staticcr
Switch
tooltips
TuneUp Utilities 2009
ubi.com
USB Disk Security 5.1.0.15
VPRINTOL
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WinZip 11.1
WIRELESS
Yahoo! Install Manager
Yahoo! Messenger
Yahoo! Toolbar

that's it...

Hello.

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.
Should you choose to remove them, but you are having trouble doing so, please let me know in your next post here and I will aid you.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

• LimeWire 5.0.11
  
• RelevantKnowledge <== known adware
  

Now lets fix the startup error.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of this lines:
  
  
  F2 - REG:system.ini: Shell=Explorer.exe, SSVICHOSST.exe
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Let me know how the machine is now and if you uninstalled Limewire.

i only put on lime wire the other day cuz a friend wanted to make a CD.

I know about the dangers and will take it off just as i am finished with it. Prolly 2 more days...

thanx alot