Tech Support Forum banner
Cancel

Edi.exe alerts every 5 mins please HELP

Jump to Latest Follow
Status
Not open for further replies.
1 - 2 of 2 Posts
X

· Registered
Joined
·
1 Posts
Discussion Starter · #1 ·
I have a trojan/virus?

I just can't seem to get rid of it.

D:\DOCUME~1\Sarah\LOCALS~1\Temp\ac8zt2\main_uninstaller

Win32:Adware-gen [Adw]
D:\DOCUME~1\Sarah\LOCALS~1\Temp\ac8zt2\msmdev.dll
Win32:Agent-LTS [Trj]

D:\DOCUME~1\Sarah\LOCALS~1\Temp\ac8zt2\msmhost.dll
Win32:Adware-gen [Adw]

D:\DOCUME~1\Sarah\LOCALS~1\Temp\ac8zt2\nsduo.dll
Win32:Adware-gen [Adw]

D:\DOCUME~1\Sarah\LOCALS~1\Temp\ac8zt2\rmv.exe
Win32:Adware-gen [Adw]

These are the messages that Avast reports, I click delete but they keep coming back.

Here is a Combo fix log
ComboFix 07-11-08.3 - Sarah 2007-11-18 0:02:07.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.168 [GMT 0:00]Running from: D:\Documents and Settings\Sarah\Local Settings\Temporary Internet Files\Content.IE5\J7YXQLIM\ComboFix[1].exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\WINDOWS\dat.txt
D:\WINDOWS\rs.txt
D:\WINDOWS\search_res.txt

.
((((((((((((((((((((((((( Files Created from 2007-10-18 to 2007-11-18 )))))))))))))))))))))))))))))))
.

2007-11-18 00:00 51,200 --a------ D:\WINDOWS\NirCmd.exe
2007-11-17 23:20 <DIR> d-------- D:\WINDOWS\system32\backuped
2007-11-17 23:20 <DIR> d-------- D:\Program Files\True Sword 4
2007-11-17 23:20 <DIR> d-------- D:\Documents and Settings\Sarah\Application Data\True Sword
2007-11-17 22:59 <DIR> d-------- D:\Program Files\FDRLab
2007-11-17 17:33 <DIR> d-------- D:\Program Files\Prevx2
2007-11-17 17:25 <DIR> d-------- D:\Temp\Tmp___23512
2007-11-17 17:25 <DIR> d-------- D:\Temp
2007-11-17 17:12 <DIR> d-------- D:\Documents and Settings\Sarah\Application Data\Prevx
2007-11-17 02:46 3,248 --a------ D:\WINDOWS\system32\tmp.reg
2007-11-17 02:45 289,144 --a------ D:\WINDOWS\system32\VCCLSID.exe
2007-11-17 02:45 288,417 --a------ D:\WINDOWS\system32\SrchSTS.exe
2007-11-17 02:45 53,248 --a------ D:\WINDOWS\system32\Process.exe
2007-11-17 02:45 51,200 --a------ D:\WINDOWS\system32\dumphive.exe
2007-11-17 02:45 25,600 --a------ D:\WINDOWS\system32\WS2Fix.exe
2007-11-17 00:20 <DIR> d-------- D:\WINDOWS\BDOSCAN8
2007-11-16 15:21 303,104 --a------ D:\WINDOWS\ddkret.dll
2007-11-16 15:21 299,008 --a------ D:\WINDOWS\oprevnpx.dll
2007-11-16 15:21 114,688 --a------ D:\WINDOWS\sawkip.exe
2007-11-13 19:35 <DIR> d-------- D:\Program Files\Bettys Beer Bar
2007-11-12 16:10 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Fugazo
2007-11-12 15:54 <DIR> d-------- D:\Program Files\Fashion Fits
2007-11-12 15:36 <DIR> d-------- D:\Program Files\Diner Dash Hometown Hero
2007-11-07 16:26 <DIR> d-------- D:\Documents and Settings\Sarah\Application Data\funkitron
2007-11-07 16:10 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Playtonium Games
2007-11-07 15:56 <DIR> d-------- D:\Program Files\The 80`s Game with Martha Quinn
2007-11-07 15:56 <DIR> d-------- D:\Program Files\Slingo Deluxe
2007-11-07 15:54 <DIR> d-------- D:\Program Files\Pat Sajak's Trivia Gems
2007-11-07 15:53 <DIR> d-------- D:\Program Files\Trivial Pursuit - Silver Screen Edition
2007-10-31 17:42 <DIR> d-------- D:\Documents and Settings\Sarah\Application Data\VideoEgg
2007-10-28 18:45 <DIR> d-------- D:\Program Files\SpongeBob SquarePants Obstacle Odyssey
2007-10-26 19:24 <DIR> d--hs---- D:\FOUND.013
2007-10-25 10:26 53,248 --a------ D:\WINDOWS\bdoscandel.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-26 03:34 8,460,288 ----a-w D:\WINDOWS\system32\dllcache\shell32.dll
2007-10-17 20:30 --------- d-----w D:\Program Files\Chicken Attack
2007-10-12 14:32 --------- d-----w D:\Documents and Settings\All Users\Application Data\Aliasworlds
2007-10-12 14:25 --------- d-----w D:\Program Files\Snowy Lunch Rush
2007-10-12 14:23 --------- d-----w D:\Program Files\Teddy Factory
2007-10-09 16:31 --------- d-----w D:\Program Files\Burger Shop
2007-10-03 22:23 --------- d-----w D:\Program Files\Veoh Networks
2007-10-03 16:11 --------- d-----w D:\Program Files\SpongeBob SquarePants Diner Dash 2
2007-10-03 16:09 --------- d-----w D:\Program Files\Dr. Daisy Pet Vet
2007-10-03 16:05 --------- d-----w D:\Program Files\Kudos Rock Legend
2007-10-03 16:02 --------- d-----w D:\Program Files\The Scruffs
2007-09-29 16:58 --------- d-----w D:\Program Files\TVAnts
2007-09-25 21:43 --------- d-----w D:\Program Files\Picasa2
2007-09-25 17:12 --------- d-----w D:\Documents and Settings\Sarah\Application Data\Jane s Hotel
2007-09-25 17:07 --------- d-----w D:\Program Files\Janes Hotel
2007-09-19 11:39 --------- d-----w D:\Program Files\Shockwave.com
2007-08-27 18:08 359,808 ----a-w D:\WINDOWS\system32\dllcache\TCPIP.SYS
2007-08-21 07:15 683,520 ----a-w D:\WINDOWS\system32\inetcomm.dll
2007-08-21 07:15 683,520 ------w D:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 11:04 824,832 ----a-w D:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 11:04 671,232 ----a-w D:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 11:04 63,488 ------w D:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 11:04 6,058,496 ------w D:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 11:04 52,224 ------w D:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 11:04 477,696 ----a-w D:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 11:04 459,264 ------w D:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 11:04 44,544 ------w D:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 11:04 384,512 ------w D:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 11:04 383,488 ------w D:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 11:04 3,584,512 ----a-w D:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 11:04 27,648 ----a-w D:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 11:04 267,776 ------w D:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 11:04 232,960 ------w D:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 11:04 230,400 ------w D:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 11:04 214,528 ----a-w D:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 11:04 193,024 ----a-w D:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 11:04 153,088 ------w D:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 11:04 132,608 ----a-w D:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 11:04 124,928 ------w D:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 11:04 105,984 ------w D:\WINDOWS\system32\dllcache\url.dll
2007-08-20 11:04 102,400 ------w D:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 11:04 1,152,000 ----a-w D:\WINDOWS\system32\dllcache\urlmon.dll
2006-03-05 20:37 24,192 ----a-w D:\Documents and Settings\Sarah\usbsermptxp.sys
2006-03-05 20:37 22,768 ----a-w D:\Documents and Settings\Sarah\usbsermpt.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F675EED8-4A4B-4A11-801B-08297749B83D}]
2007-11-16 09:38 299008 --a------ D:\WINDOWS\oprevnpx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{05E9894E-9C5F-454B-A6E1-7BEF518EC87E}"= D:\WINDOWS\bonsws.dll [ ]

[HKEY_CLASSES_ROOT\CLSID\{05E9894E-9C5F-454B-A6E1-7BEF518EC87E}]
[HKEY_CLASSES_ROOT\bonsws.ToolBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{B3A2A04F-E4B3-4E16-B7AD-555E8DD3DBBA}]
[HKEY_CLASSES_ROOT\bonsws.ToolBar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MVRescue"="C:\MVRescue\mvrescue quit" []
"CTSysVol"="D:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 09:18]
"UpdReg"="D:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"HPDJ Taskbar Utility"="D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-28 09:53]
"CTHelper"="CTHELPER.EXE" [2005-12-08 12:06 D:\WINDOWS\CTHELPER.EXE]
"CTXFIREG"="CTxfiReg.exe" []
"CTStartup"="D:\Program Files\Creative\Splash Screen\CTEaxSpl.exe" [2002-09-13 01:04]
"REGSHAVE"="D:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32]
"Windows Defender"="D:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20]
"SpeedTouch USB Diagnostics"="D:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 16:42]
"SmcService"="D:\PROGRA~1\Sygate\SPF\smc.exe" [2005-09-27 12:16]
"QuickTime Task"="D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-06-29 06:24]
"MSConfig"="D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 08:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-23 10:38]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="D:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"ddkret"= {A03212F6-E380-4B86-8851-BBCE74FDA8E6} - D:\WINDOWS\ddkret.dll [2007-11-16 09:38 303104]
"nopctrl"= {9184B2C6-4FF7-4FCC-9560-4EB474B51167} - D:\WINDOWS\nopctrl.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=D:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=D:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Sarah^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=D:\Documents and Settings\Sarah\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=D:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Sarah^Start Menu^Programs^Startup^èÑÛÍøÂçµçÊÓ.lnk]
path=D:\Documents and Settings\Sarah\Start Menu\Programs\Startup\èÑÛÍøÂçµçÊÓ.lnk
backup=D:\WINDOWS\pss\èÑÛÍøÂçµçÊÓ.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet]
D:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Weather 3]
D:\PROGRA~1\THEWEA~1\The Weather Channel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Festoon]
D:\Program Files\Santa Cruz Networks\Festoon\Festoon.exe /BOOT

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
"D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
"D:\Program Files\Google\Google Talk\googletalk.exe" /autostart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"D:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
d:\PROGRA~1\mcafee.com\agent\McAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
d:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
D:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPSExe]
"d:\PROGRA~1\mcafee.com\mps\mscifapp.exe" /embedding

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKAGENTEXE]
D:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
"D:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"D:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
D:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
"D:\Program Files\McAfee.com\VSO\oasclnt.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
"D:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program Files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrevxOne]
"D:\Program Files\Prevx2\PXConsole.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"D:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteCenter]
"D:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
"D:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"D:\Program Files\McAfee.com\VSO\mcvsshld.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"D:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Media Connect 2]
"D:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
D:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
"D:\Program Files\Zune\ZuneLauncher.exe"

R3 ctgame;Game Port;D:\WINDOWS\system32\DRIVERS\ctgame.sys
R3 IntelS51;Intel(R) 536EP Modem;D:\WINDOWS\system32\DRIVERS\IntelS51.sys
S3 JL2005;JL2005A Toy Camera;D:\WINDOWS\system32\Drivers\toywdm.sys
S3 sonypvs1;Sony Digital Imaging Video2;D:\WINDOWS\system32\DRIVERS\sonypvs1.sys

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-11-17 18:23:00 D:\WINDOWS\Tasks\MP Scheduled Scan.job"
- D:\Program Files\Windows Defender\MpCmdRun.exe
"2007-09-12 20:22:22 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-18 00:01:06 D:\WINDOWS\Tasks\User_Feed_Synchronization-{9D8D74DC-4D40-46CC-853A-2538DFE533E9}.job"
"2007-11-12 23:00:02 D:\WINDOWS\Tasks\Scheduled backup.job"
- D:\WINDOWS\system32\ntbackup.exe
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-18 00:04:58
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = "D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run?Z?A~d???*?A~????????"[email protected]?x?????B~D??????sx??sl???????y?[email protected]@@????|[email protected]@?????>??w?????92?H??????|???|???????|L(?s?92??????/?s????????D???????????????????,[email protected]@@?D???`|[email protected]

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-18 0:05:39
.
--- E O F ---
Please Help !!

Simon.
 
tetonbob

· TSF Security Manager, Emeritus
Joined
·
51,795 Posts
#2 ·
Hello and Welcome.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

If you're not already receiving help elsewhere, please read and perform the following:

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

I need more information before continuing, please.

For now, I'd like a more comprehensive set of logs from Deckard's System Scanner.

---------------------------------------------------------------------------------------------

Download HijackThis to your desktop

Alternate link

This program will help us determine if there are any spyware/malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis

Upon install, HijackThis should open for you.

When it does, just close it, please. Next....
---------------------------------------------------------------------------------------------


Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
  5. Please attach extra.txt to your post.
To attach a file to a new post, simply
  1. Click the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
  2. copy and paste the following into the "Upload File from your Computer" box:
    C:\Deckard\System Scanner\extra.txt
  3. Click Upload.

What DSS will do:
  • create a new System Restore point in Windows XP and Vista.
  • clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  • check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

---------------------------------------------------------------------------------------------
 
1 - 2 of 2 Posts
Status
Not open for further replies.
About this Discussion
1 Reply
2 Participants
Last post:
tetonbob
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support
Top