
Unable To Start Any Antivirus


  • This topic is locked
2 replies to this topic

#1 jitesh1212

Posted 10 May 2008 - 09:45 AM

Hi, I am using Win XP. For the past 2 days I have been encountering a new virus; I don't know its name. It has stopped every antivirus program on my system. AVG and Avira are damaged and not working. This is a logfile, please help, anyone.

Deckard's System Scanner v20071014.68
Run by intel on 2008-05-10 19:55:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 2 Restore Point(s) --
2: 2008-05-10 14:25:04 UTC - RP2 - Deckard's System Scanner Restore Point
1: 2008-05-10 13:40:48 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as intel.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:55:59 PM, on 5/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesGlass2kGlass2k.exe
C:Program FilesVistaDriveIconDrvIcon.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:Program FilesFarStoneVirtualDriveVHDRDTask.exe
C:WINDOWSsystem32igfxsrvc.exe
C:Program FilesFarStoneVirtualDriveVDTask.exe
C:Program FilesJavajre1.6.0_03binjusched.exe
C:Program FilesCommon FilesAheadLibNMBgMonitor.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesInternet Download ManagerIDMan.exe
C:WINDOWSsystem32wscntfy.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesStylerStyler.exe
C:Program FilesCommon FilesSkyscapeSmartUpdate.exe
C:Program FilesWebshotswebshots.scr
C:Program FilesCommon FilesAheadLibNMIndexingService.exe
C:Program FilesInternet Download ManagerIEMonitor.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32NOTEPAD.EXE
C:Program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:Documents and SettingsintelMy DocumentsDownloadsProgramsdss.exe
C:PROGRA~1TRENDM~1HIJACK~1intel.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program FilesInternet Download ManagerIDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:Program FilesStylerTBStylerTB.dll
O3 - Toolbar: Webshots Toolbar - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:Program FilesWebshotsWSToolbar4IE.dll
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM..Run: [Cpqset] C:Program FilesHPQDefault Settingscpqset.exe
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [Glass2k] C:Program FilesGlass2kGlass2k.exe
O4 - HKLM..Run: [DrvIcon] C:Program FilesVistaDriveIconDrvIcon.exe
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe
O4 - HKLM..Run: [RAMDrive] "C:Program FilesFarStoneVirtualDriveVHDRDTask.exe"
O4 - HKLM..Run: [VirtualDrive] "C:Program FilesFarStoneVirtualDriveVDTask.exe" /AutoRestore
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_03binjusched.exe"
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft ActiveSyncwcescomm.exe"
O4 - HKCU..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
O4 - HKLM..PoliciesExplorerRun: [winlogon] C:ntdetec1run.exe
O4 - Startup: Webshots.lnk = C:Program FilesWebshotsLauncher.exe
O4 - Startup: Skyscape SmartUpdate.lnk = C:Program FilesCommon FilesSkyscapeSmartUpdate.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Styler.lnk = C:Program FilesStylerStyler.exe
O8 - Extra context menu item: &Download with &DAP - C:Program FilesDAPdapextie.htm
O8 - Extra context menu item: &Webshots Photo Search - res://C:Program FilesWebshotsWSToolbar4IE.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Download &all with DAP - C:Program FilesDAPdapextie2.htm
O8 - Extra context menu item: Download all links with IDM - C:Program FilesInternet Download ManagerIEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:Program FilesInternet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:Program FilesInternet Download ManagerIEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:PROGRA~1MI3AA1~1INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 - HKLMSystemCCSServicesTcpip..{33CA4537-41C8-4CDF-99C9-E8939953022D}: NameServer = 192.140.0.1
O23 - Service: 4E71F92E - Unknown owner - C:WINDOWSsystem3252CEB05D.EXE (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon FilesAheadLibNMIndexingService.exe

--
End of file - 6672 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 dpti930 - c:windowssystem32driverserqfnn.sys (file missing)

S3 SmartCd - c:windowssystem32driverssmartcd.sys (file missing)
S3 UIUSys (Conexant Setup API) - c:windowssystem32driversuiusys.sys (file missing)
S4 cdawdm - c:windowssystem32driverscdawdm.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 4E71F92E - c:windowssystem3252ceb05d.exe -k (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11b/g WLAN
Device ID: PCIVEN_14E4&DEV_4315&SUBSYS_137D103C&REV_014&4878531&0&00E1
Manufacturer: Broadcom
Name: Broadcom 802.11b/g WLAN
PNP Device ID: PCIVEN_14E4&DEV_4315&SUBSYS_137D103C&REV_014&4878531&0&00E1
Service: BCM43XX

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPIHPQ00062&DABA3FF&0
Manufacturer:
Name:
PNP Device ID: ACPIHPQ00062&DABA3FF&0
Service:


-- Files created between 2008-04-10 and 2008-05-10 -----------------------------

2008-05-10 17:59:41 0 d-------- C:Documents and SettingsAll UsersApplication DataAvg7
2008-05-10 17:04:11 0 d-------- C:Program FilesEsetOnlineScanner
2008-05-10 00:13:58 0 d-------- C:Program FilesTrend Micro
2008-05-09 22:46:16 0 d-------- C:Documents and SettingsAll UsersApplication DataAvira
2008-05-09 22:23:35 39936 --a------ C:WINDOWSsystem32winresponse32.exe
2008-05-09 00:22:26 1025 --a------ C:WINDOWSsystem32sysprs7.dll
2008-05-09 00:22:26 205 --a------ C:WINDOWSsystem32lsprst7.dll
2008-05-09 00:21:26 0 --a------ C:WINDOWSsystem32ssprs.dll
2008-05-09 00:21:26 0 --a------ C:WINDOWSsystem32serauth2.dll
2008-05-09 00:21:26 0 --a------ C:WINDOWSsystem32serauth1.dll
2008-05-09 00:21:26 0 --a------ C:WINDOWSsystem32nsprs.dll
2008-05-09 00:21:26 1024 --a------ C:WINDOWSsystem32clauth2.dll
2008-05-09 00:21:26 1024 --a------ C:WINDOWSsystem32clauth1.dll
2008-05-09 00:20:08 0 d-------- C:Program FilesSPSSEval
2008-05-08 00:19:04 0 d-------- C:Documents and SettingsintelApplication DataFileFactory Turbo
2008-05-08 00:18:47 0 d-------- C:Program FilesFileFactory Turbo
2008-05-07 14:43:24 0 d-------- C:Program FilesMegauploadToolbar
2008-05-07 14:33:46 0 d-------- C:Documents and SettingsintelApplication DataIDM
2008-05-07 14:33:46 0 d-------- C:Documents and SettingsintelApplication DataDMCache
2008-05-07 14:33:40 0 d-------- C:Program FilesInternet Download Manager
2008-05-06 14:24:40 0 d-------- C:Documents and SettingsintelApplication DataMikrotik
2008-05-05 23:44:53 886784 --a------ C:WINDOWSebook_library.dll
2008-05-05 23:44:51 0 d-------- C:WINDOWSsystem32IE updates
2008-04-22 22:55:02 0 d--hs---- C:FOUND.003
2008-04-14 07:46:09 0 d-------- C:WINDOWSSun
2008-04-14 06:50:55 0 d-------- C:Program FilesLexi-Comp Analyze
2008-04-13 16:02:58 50688 --a------ C:WINDOWSsystem32wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-04-13 16:02:58 0 d-------- C:Program FilesDAP
2008-04-13 15:55:01 0 d-------- C:Program FilesLexi-Comp The 5-Minute Clinical Consult
2008-04-13 10:12:44 0 d-------- C:Program FilesLexi-Comp Reader
2008-04-13 09:42:11 0 d-------- C:Documents and SettingsintelLexiConnect
2008-04-13 09:31:16 0 d-------- C:Program FilesJava
2008-04-13 09:31:15 0 d-------- C:Program FilesCommon FilesJava
2008-04-13 09:30:57 0 d-------- C:Documents and SettingsintelApplication DataSun
2008-04-11 15:44:19 163599 --a------ C:WINDOWSpsuninst2.exe <Not Verified; HelpStudio Software House; PocketSetup 2001>
2008-04-11 15:41:52 90112 --a------ C:WINDOWSRSetupCE.exe
2008-04-11 15:41:50 0 d-------- C:Program FilesResco
2008-04-11 15:38:48 0 d-------- C:Program FilesPocketDivx
2008-04-11 15:36:12 0 d-------- C:Program FilesMedical Eponyms


-- Find3M Report ---------------------------------------------------------------

2008-05-10 17:26:42 119296 --a------ C:WINDOWSsystem32CHDAudPropShortcut.exe <Not Verified; Windows ® Server 2003 DDK provider; Microsoft® Windows® Operating System>
2008-05-10 17:26:18 581120 --a------ C:WINDOWSAdobe Pdf Money Guide.exe
2008-04-14 16:04:46 724992 --a------ C:WINDOWSiun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-04-08 16:00:22 0 d-------- C:Program Filesskyscape
2008-04-08 15:58:50 0 d-------- C:Program FilesCommon FilesSkyscape
2008-04-08 00:16:54 0 d-------- C:Documents and SettingsintelApplication DataSprite Software
2008-04-08 00:16:52 0 d-------- C:Documents and SettingsintelApplication DataSprite PC Agent
2008-04-08 00:14:58 2528 --a------ C:Documents and SettingsintelApplication Data$_hpcst$.hpc
2008-04-08 00:05:42 0 d-------- C:Program FilesSprite Software
2008-04-03 00:55:54 615 --a------ C:WINDOWSeReg.dat
2008-04-03 00:47:24 522 --a------ C:inVHDDrvLog.dat
2008-04-03 00:39:36 0 d-------- C:Program FilesFarStone
2008-04-03 00:38:28 86016 --a------ C:WINDOWSsystem32Dversion.dll <Not Verified; FarStone Technology, Inc.; Farstone Dversion>
2008-04-03 00:38:28 110592 --a------ C:WINDOWSsystem32DVC.dll
2008-04-01 22:44:08 0 d-------- C:Documents and SettingsintelApplication DataFarStone
2008-04-01 22:41:14 5501 --a------ C:WINDOWSsystem32rtclcmg32.dll
2008-03-30 15:44:02 0 d-------- C:Documents and SettingsintelApplication DataGroove Games
2008-03-30 02:29:00 0 d-------- C:Documents and SettingsintelApplication DataInstallShield
2008-03-29 00:39:58 0 d-------- C:Program FilesGameSpy Arcade
2008-03-28 19:05:22 0 d-------- C:Program FilesDIFX
2008-03-28 18:24:40 664 --a------ C:WINDOWSsystem32d3d9caps.dat
2008-03-28 17:34:36 552 --a------ C:WINDOWSsystem32d3d8caps.dat
2008-03-28 17:28:26 0 d-------- C:Program FilesRockstar Games
2008-03-28 14:13:06 0 d-------- C:Documents and SettingsintelApplication DataStyler
2008-03-25 21:24:54 0 d-------- C:Program FilesDXBall2
2008-03-25 17:14:56 0 d-------- C:Documents and SettingsintelApplication DataWebshots
2008-03-22 23:38:12 0 d-------- C:Documents and SettingsintelApplication DataMacromedia
2008-03-22 23:37:22 1158 --a------ C:WINDOWSmozver.dat
2008-03-22 09:05:42 0 d-------- C:Program FilesVistaDriveIcon
2008-03-22 09:05:40 0 d-------- C:Program FilesThoosje Sidebar V2.3
2008-03-22 09:05:40 0 d-------- C:Program FilesStyler
2008-03-22 09:05:40 0 d-------- C:Program Filesglass2k
2008-03-22 09:05:34 218624 --a------ C:WINDOWSsystem32uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-22 00:30:36 0 d-------- C:Documents and SettingsintelApplication DataAdobe
2008-03-22 00:18:44 0 --a------ C:WINDOWSnsreg.dat
2008-03-22 00:18:40 0 d-------- C:Documents and SettingsintelApplication DataMozilla
2008-03-21 23:59:34 0 d-------- C:Documents and SettingsintelApplication DataiSilo
2008-03-21 23:59:08 0 d-------- C:Program FilesiSilo
2008-03-21 23:58:00 0 d-------- C:Program FilesCyberLink
2008-03-21 14:53:14 0 d-------- C:Documents and SettingsintelApplication Datavlc
2008-03-21 12:44:12 0 d-------- C:Program FilesJHC SoftWare
2008-03-21 12:39:46 0 d-------- C:Program FilesVCop2
2008-03-21 06:33:12 0 d-------- C:Program FilesCommon FilesLightScribe
2008-03-21 06:32:36 0 d-------- C:Documents and SettingsintelApplication DataAhead
2008-03-21 06:30:06 0 d-------- C:Program FilesNero
2008-03-21 06:30:04 0 d-------- C:Program FilesCommon FilesAhead
2008-03-21 06:26:18 0 d-------- C:Program FilesWebshots
2008-03-21 06:25:20 0 d-------- C:Program FilesWinamp
2008-03-21 06:24:52 0 d-------- C:Program FilesVideoLAN
2008-03-21 06:23:36 0 d-------- C:Program FilesKundli
2008-03-21 06:22:32 0 d-------- C:Program FilesCommon FilesAdobe
2008-03-21 06:20:10 0 d-------- C:Program FilesCommon FilesL&H
2008-03-21 06:20:02 0 d-------- C:Program FilesMicrosoft.NET
2008-03-21 06:19:50 0 d-------- C:Program FilesMicrosoft ActiveSync
2008-03-21 06:19:16 0 d-------- C:Program FilesMicrosoft Works
2008-03-21 06:10:06 0 d-------- C:Program FilesBroadcom
2008-03-21 06:08:02 0 d-------- C:Program FilesNetWaiting
2008-03-21 06:04:30 0 d-------- C:Program FilesCONEXANT
2008-03-21 05:51:00 0 d--h----- C:Program FilesInstallShield Installation Information
2008-03-21 05:51:00 0 d-------- C:Program FilesHPQ
2008-03-21 05:50:56 0 d-------- C:Program FilesCommon FilesInstallShield
2008-03-21 05:38:50 0 d-------- C:Program FilesIntel
2008-03-21 05:37:30 0 d-------- C:Documents and SettingsintelApplication DataIdentities
2008-03-21 05:32:30 0 d-------- C:Program Filesmicrosoft frontpage
2008-03-21 05:32:14 0 -rahs---- C:MSDOS.SYS
2008-03-21 05:32:14 0 -rahs---- C:IO.SYS
2008-03-21 05:32:14 0 --a------ C:CONFIG.SYS
2008-03-21 05:32:14 0 --a------ C:AUTOEXEC.BAT
2008-03-21 05:31:06 0 d--h----- C:Program FilesWindowsUpdate
2008-03-21 05:30:04 0 d-------- C:Program FilesCommon FilesMSSoap
2008-03-21 05:29:46 0 d-------- C:Program FilesMovie Maker
2008-03-21 05:28:52 21640 --a------ C:WINDOWSsystem32emptyregdb.dat
2008-03-21 05:28:30 0 d-------- C:Program FilesOnline Services
2008-03-21 05:28:24 0 d-------- C:Program FilesMessenger
2008-03-21 05:28:20 0 d-------- C:Program FilesMSN Gaming Zone
2008-03-21 05:27:38 0 d-------- C:Program FilesWindows NT
2008-03-21 05:23:20 0 d-------- C:Program FilesCommon FilesODBC
2008-03-21 05:23:16 0 d-------- C:Program FilesCommon Files
2008-03-21 05:23:16 0 d-------- C:Program FilesCommon FilesSpeechEngines
2008-03-21 05:22:48 62 --ahs---- C:Documents and SettingsintelApplication Datadesktop.ini
2008-03-12 22:03:30 1996336 --a------ C:WINDOWSsystem32Checker.exe
2008-02-11 09:39:26 253952 --a------ C:WINDOWSsystem32OnlineScannerDLLA.dll <Not Verified; ; OnlineScanner Dynamic Link Library>
2008-02-11 09:39:18 237568 --a------ C:WINDOWSsystem32OnlineScannerDLLW.dll <Not Verified; ; OnlineScanner Dynamic Link Library>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [05/10/2008 05:26 PM C:WINDOWSsystem32CHDAudPropShortcut.exe]
"Cpqset"="C:Program FilesHPQDefault Settingscpqset.exe" [05/10/2008 05:34 PM]
"NeroFilterCheck"="C:Program FilesCommon FilesAheadLibNeroCheck.exe" [05/04/2007 10:59 AM]
"Adobe Reader Speed Launcher"="C:Program FilesAdobeReader 8.0ReaderReader_sl.exe" [01/11/2008 10:16 PM]
"Glass2k"="C:Program FilesGlass2kGlass2k.exe" [10/17/2007 04:34 AM]
"DrvIcon"="C:Program FilesVistaDriveIconDrvIcon.exe" [05/10/2008 05:37 PM]
"IgfxTray"="C:WINDOWSsystem32igfxtray.exe" [09/18/2007 10:29 PM]
"HotKeysCmds"="C:WINDOWSsystem32hkcmd.exe" [09/18/2007 10:29 PM]
"Persistence"="C:WINDOWSsystem32igfxpers.exe" [09/18/2007 10:29 PM]
"RAMDrive"="C:Program FilesFarStoneVirtualDriveVHDRDTask.exe" [05/10/2008 05:38 PM]
"@"="" []
"VirtualDrive"="C:Program FilesFarStoneVirtualDriveVDTask.exe" [05/10/2008 05:38 PM]
"SunJavaUpdateSched"="C:Program FilesJavajre1.6.0_03binjusched.exe" [09/25/2007 01:11 AM]
"KernelFaultCheck"="C:WINDOWSsystem32dumprep 0 -k" []

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:Program FilesCommon FilesAheadLibNMBgMonitor.exe" [05/04/2007 10:39 AM]
"ctfmon.exe"="C:WINDOWSsystem32ctfmon.exe" [08/04/2004 01:07 AM]
"H/PC Connection Agent"="C:Program FilesMicrosoft ActiveSyncwcescomm.exe" [11/13/2006 01:39 PM]
"IDMan"="C:Program FilesInternet Download ManagerIDMan.exe" [05/05/2008 07:30 PM]

C:Documents and SettingsintelStart MenuProgramsStartup
Webshots.lnk - C:Program FilesWebshotsLauncher.exe [3/21/2008 6:26:16 AM]
Skyscape SmartUpdate.lnk - C:Program FilesCommon FilesSkyscapeSmartUpdate.exe [3/3/2008 11:27:30 PM]

C:Documents and SettingsAll UsersStart MenuProgramsStartup
Adobe Gamma Loader.lnk - C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe [3/21/2008 6:22:36 AM]
Styler.lnk - C:Program FilesStylerStyler.exe [4/15/2007 4:28:36 PM]

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorerRun]
"winlogon"=C:ntdetec1run.exe

SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalFile system]
@="Driver Group"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalRpcSs]
@="Service"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalvgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimal{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"


[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{a9f217f6-fef0-11dc-87f2-001b38c32047}]
AutoRuncommand- I:
exploreCommand- I:RECYCLERINFO.exe
openCommand- I:RECYCLERINFO.exe

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ef3ddf38-fc2b-11dc-87d6-001b38c32047}]
Autocommand- H:auto.exe
AutoRuncommand- C:WINDOWSsystem32RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe


[HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:Program FilesCommon FilesLightScribeLSRunOnce.exe"



-- End of Deckard's System Scanner: finished at 2008-05-10 19:57:00 ------------

Edited by KoanYorel, 10 May 2008 - 09:57 AM.


#2 Simon V.

Posted 28 May 2008 - 06:38 AM

Hello, and welcome to the forum.

I'm sorry for the delay, the forums are very busy. If you still need help, please post a new Deckard's System Scanner log and give a description of how your computer is currently running.
Simon V.


#3 Simon V.

Posted 03 June 2008 - 10:25 AM

Due to inactivity this topic will be closed.

If you need help please start a new thread and post a new HijackThis log.
Simon V.
