1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

MGRS.exe running processor at 100%

Discussion in 'Virus & Other Malware Removal' started by pfiltz, Nov 2, 2007.

Thread Status:
Not open for further replies.
  1. pfiltz

    pfiltz Thread Starter

    Joined:
    Jan 20, 2005
    Messages:
    294
    System is running Windows NT SP5. I need some help removing it.
    Also, I don't know what this is...--> O4 - HKLM\..\Run: [xytuxyxr] C:\WINNT\System32\xytuxyxr.exe


    BTW, I ended the MGRS.exe process before running HiJack.

    Here is a HiJackLog

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:38:15 AM, on 11/2/07
    Platform: Windows NT 4 SP5 (WinNT 4.00.1381)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\nddeagnt.exe
    C:\WINNT\Explorer.exe
    C:\Program Files\MGA NT PowerDesk\QDesk\MGAQDESK.EXE
    C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
    C:\WINNT\System32\loadwc.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\WINNT\dscio1rv.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Tiger Technologies\DeskFlag\deskflag.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.crunet.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.crunet.com/
    F2 - REG:system.ini: UserInit=userinit,nddeagnt.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [MGA QuickDesk] "C:\Program Files\MGA NT PowerDesk\QDesk\MGAQDESK.EXE"
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\CD-Writer Plus\DirectCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
    O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /logon
    O4 - HKLM\..\Run: [TimeSink Ad Client] "c:\Program Files\TimeSink\AdGateway\TsAdBot.exe"
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [xytuxyxr] C:\WINNT\System32\xytuxyxr.exe
    O4 - HKLM\..\Run: [rock] rock.exe
    O4 - HKLM\..\Run: [avp] C:\WINNT\dscio1rv.exe
    O4 - HKLM\..\Run: [smgr] mgrs.exe
    O4 - HKLM\..\RunServices: [Microsoft Windows System] tbgnvaaa.exe
    O4 - HKCU\..\Run: [xytuxyxr] C:\WINNT\System32\xytuxyxr.exe
    O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
    O4 - HKUS\S-1-5-21-1477194092-1373913777-1509252994-1173\..\Run: [xytuxyxr] C:\WINNT\System32\xytuxyxr.exe (User '?')
    O4 - HKUS\S-1-5-21-1477194092-1373913777-1509252994-1173\..\Run: [Windows installer] C:\winstall.exe (User '?')
    O4 - S-1-5-21-1477194092-1373913777-1509252994-1173 Startup: DeskFlag.lnk = C:\Program Files\Tiger Technologies\DeskFlag\deskflag.exe (User '?')
    O4 - Startup: DeskFlag.lnk = C:\Program Files\Tiger Technologies\DeskFlag\deskflag.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O12 - Plugin for .spop: C:\PROGRA~1\Plus!\MICROS~1\Plugins\NPDocBox.dll
    O13 - WWW. Prefix: http://
    O14 - IERESET.INF: START_PAGE_URL=http://www.crunet.com
    O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.metastream.com/MTSInstallers/MetaStream3.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = dresden
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = dresden
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.1.0.2
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 10.1.0.2
    O23 - Service: MGACtrl - Martrox Graphics Inc. - C:\WINNT\System32\mgasc.exe

    --
    End of file - 3843 bytes
     
    pfiltz, Nov 2, 2007
    #1
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - MGRS running processor
  1. larryslade

    Solved Windows 10 running slow

    larryslade, Aug 13, 2019, in forum: Virus & Other Malware Removal
    Replies:
    9
    Views:
    1,001
    flavallee
    Aug 15, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/646783

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice