Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help Lotus8


  • This topic is locked This topic is locked
2 replies to this topic

#1 lotus8

lotus8

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:27 PM

Posted 17 May 2008 - 08:36 PM

hi got a shell32 and host problem cant solve hope u can help me thx. heres the results of scans.



Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-05-17 18:27:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
29: 2008-05-18 01:27:17 UTC - RP29 - Deckard's System Scanner Restore Point
28: 2008-05-17 20:48:00 UTC - RP28 - Installed Ad-Aware 2007
27: 2008-05-17 20:44:02 UTC - RP27 - Installed Ad-Aware 2007
26: 2008-05-15 04:07:56 UTC - RP26 - Installed Compact Wireless-G USB Adapter
25: 2008-05-15 04:04:02 UTC - RP25 - Removed Compact Wireless-G USB Adapter


-- First Restore Point --
1: 2008-05-06 01:51:28 UTC - RP1 - Removed Norton Security Center


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:29:50 PM, on 5/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\wuauclt.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Compaq_Owner\My Documents\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...arm1=seconduser
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 9035 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>

S1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-05-17 17:51:00 268 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2008-05-05 18:25:35 330 --a------ C:\WINDOWS\Tasks\Easy Internet Sign-up.job


-- Files created between 2008-04-17 and 2008-05-17 -----------------------------

2008-05-17 18:29:38 0 d-------- C:\Program Files\Trend Micro
2008-05-17 14:02:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-17 13:56:00 0 d--hs---- C:\WINDOWS\ftpcache
2008-05-10 12:35:33 0 d-------- C:\WINDOWS\NV27363728.TMP
2008-05-10 10:21:38 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
2008-05-09 23:50:43 0 d-------- C:\WINDOWS\system32\PreInstall
2008-05-09 20:36:27 0 d-------- C:\WINDOWS\Prefetch
2008-05-09 16:50:49 0 d-------- C:\WINDOWS\system32\scripting
2008-05-09 16:50:48 0 d-------- C:\WINDOWS\l2schemas
2008-05-09 16:49:25 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-08 18:11:05 237568 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-05-08 18:11:05 1572864 --a------ C:\Documents and Settings\Compaq_Owner\ntuser.dat
2008-05-07 20:58:19 0 d-------- C:\WINDOWS\system32\LogFiles
2008-05-07 20:58:19 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-06 17:46:05 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-05-05 18:57:15 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2008-05-05 18:57:15 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
2008-05-05 18:57:14 32768 --a------ C:\WINDOWS\system32\GTGina.dll <Not Verified; Gemtek; GTGina Dynamic Link Library>
2008-05-05 18:39:04 0 dr-hs---- C:\cmdcons
2008-05-05 18:35:19 0 d-------- C:\WINDOWS\NV20762636.TMP
2008-05-05 18:27:41 0 dr-h----- C:\Documents and Settings\Compaq_Owner\Recent
2008-05-05 18:24:01 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Templates
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Start Menu
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\SendTo
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\PrintHood
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\NetHood
2008-05-05 18:24:00 0 dr------- C:\Documents and Settings\Compaq_Owner\My Documents
2008-05-05 18:24:00 0 d--h----- C:\Documents and Settings\Compaq_Owner\Local Settings
2008-05-05 18:24:00 0 dr------- C:\Documents and Settings\Compaq_Owner\Favorites
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Desktop
2008-05-05 18:24:00 0 d---s---- C:\Documents and Settings\Compaq_Owner\Cookies
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Symantec
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Real
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
2008-05-05 18:24:00 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Identities
2008-05-05 18:23:59 0 d-------- C:\Documents and Settings\Compaq_Owner\WINDOWS
2008-05-05 18:22:47 262144 --a------ C:\Documents and Settings\Application Data\NTUSER.DAT
2008-05-03 12:48:02 0 d-------- C:\Alien Arena 2007
2008-05-03 12:04:47 0 d-------- C:\Linksys Driver
2008-04-28 18:34:17 0 d-------- C:\Program Files\RegCleaner
2008-04-22 20:04:36 0 d-------- C:\Program Files\Sierra Entertainment
2008-04-22 19:29:09 0 d-------- C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor
2008-04-21 15:33:19 0 d-------- C:\5d6a060953e2c3e0e8cb495248bb


-- Find3M Report ---------------------------------------------------------------

2008-05-17 17:05:41 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AVG7
2008-05-10 12:37:54 3649 --a------ C:\WINDOWS\viassary-hp.reg
2008-05-09 20:13:48 0 d-------- C:\Program Files\Windows NT
2008-05-09 20:13:10 0 d-------- C:\Program Files\Movie Maker
2008-05-09 20:10:42 0 d-------- C:\Program Files\Messenger
2008-05-09 16:47:22 250048 -rahs---- C:\ntldr
2008-05-05 19:25:02 0 d-------- C:\Program Files\Java
2008-05-05 18:51:53 0 d-------- C:\Program Files\Common Files
2008-05-05 18:46:55 0 d-------- C:\Program Files\Symantec
2008-05-05 18:25:36 0 d-------- C:\Program Files\Easy Internet signup
2008-04-24 18:14:46 0 d-------- C:\Program Files\Wolfenstein - Enemy Territory
2008-04-23 16:51:45 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Yahoo!
2008-04-13 17:25:26 1804 --a------ C:\WINDOWS\system32\dcache.bin
2008-04-09 17:56:59 0 d-------- C:\Program Files\Saitek
2008-03-25 19:23:21 0 d-------- C:\Program Files\Tremulous
2008-03-25 19:20:24 0 d-------- C:\Program Files\9Dragons
2008-03-23 18:48:58 0 d-------- C:\Program Files\Sierra
2008-03-22 22:49:01 0 d-------- C:\Program Files\MAIET
2008-03-19 20:54:41 0 d-------- C:\Program Files\City of Heroes
2008-02-20 21:22:23 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
2008-02-20 21:22:22 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [02/25/2005 10:34 PM]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [05/11/2005 12:50 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [02/17/2005 06:11 AM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 01:41 AM]
"nwiz"="nwiz.exe" [12/05/2007 01:41 AM C:\WINDOWS\system32\nwiz.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/03/2005 08:51 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [05/05/2008 07:25 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [05/09/2008 09:27 PM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 01:41 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 10:00 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"FlashPlayerUpdate"=C:\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe -p

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [12/14/2004 11:44:06 AM]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [8/3/2005 9:14:04 AM]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{28e26798-02ad-11da-8aef-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480




-- End of Deckard's System Scanner: finished at 2008-05-17 18:30:33 ------------

thx

BC AdBot (Login to Remove)

 


m

#2 drex23

drex23

    Bleeping Existence


  • Members
  • 456 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:27 PM

Posted 11 June 2008 - 06:41 PM

Hi, if you would still like assistance, please post more specific information about the problems you are having. Also, perform the following so I can see what the current state of your computer is.
  • Click Start and then Run to bring up the Run box.
  • Copy and paste the contents of this quote box into the run box:

    "%userprofile%\desktop\dss.exe" /config

  • Close all other open windows.
  • Click OK.
  • A window will now open. Click Check All and then click Scan!.
  • When the scan is complete, two text files will open in Notepad:
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized
  • If not, they both can be found in the C:\Deckard\System Scanner folder.
  • Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.

Next:

Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You will probably need to use multiple posts for that information.

#3 drex23

drex23

    Bleeping Existence


  • Members
  • 456 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:27 PM

Posted 20 June 2008 - 06:17 PM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened due to continuation of your original problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin your own topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users