Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HELP!!! HURRY!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Katana » September 24th, 2007, 5:41 pm

I still suspect a hardware problem, the online scan showed nothing.

Deckard's System Scanner
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
User avatar
MRU Teacher Emeritus
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
Register to Remove

Unread postby gamerking#1 » September 25th, 2007, 6:21 pm

it wont run..
Regular Member
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby Katana » September 25th, 2007, 6:37 pm

Kaspersky Online Scanner .

Go Here http://www.kaspersky.com/virusscanner

Read the Requirements and limitations before you click Accept.
Allow the ActiveX download if necessary
Once the database has downloaded, click Next.
Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
Click on "My Computer" and then put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Please post the log in your reply
User avatar
MRU Teacher Emeritus
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby gamerking#1 » September 25th, 2007, 7:08 pm

w8 nevermind it worked

Deckard's System Scanner v20070905.67
Extra logfile - please post this as an attachment with your post.

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.00GHz
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 479.53 MiB / 161.79 MiB
Pagefile Memory (total/avail): 1123.8 MiB / 829.4 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1961.85 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 14.94 GiB total, 0.33 GiB free.
D: is Fixed (NTFS) - 40.96 GiB total, 30.88 GiB free.
E: is Removable (No Media)
F: is CDROM (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (Unformatted)
K: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST360020A - 55.9 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 14.94 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 40.96 GiB - D:

\\.\PHYSICALDRIVE1 - Memory Stick Slot

\\.\PHYSICALDRIVE2 - USB2.0 CF CardReader USB Device

\\.\PHYSICALDRIVE5 - USB2.0 MS CardReader USB Device

\\.\PHYSICALDRIVE4 - USB2.0 SD CardReader USB Device - 117.66 MiB - partitions

\\.\PHYSICALDRIVE3 - USB2.0 SM CardReader USB Device

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Sunbelt Personal Firewall v4.5.916 T (Sunbelt)
AV: AVG 7.5.488 v7.5.488 (GRISOFT)

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Program Files\\Trend Micro\\PC-cillin 2000\\WebTrapNT.exe"="C:\\Program Files\\Trend Micro\\PC-cillin 2000\\WebTrapNT.exe:*:Disabled:WebTrap"
"C:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"="C:\\Program Files\\support.com\\client\\bin\\tgcmd.exe:*:Disabled:tgcmd Module"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Documents and Settings\\Patrik\\Local Settings\\Temporary Internet Files\\Content.IE5\\Q6ALPZF3\\wowclient-downloader[1].exe"="C:\\Documents and Settings\\Patrik\\Local Settings\\Temporary Internet Files\\Content.IE5\\Q6ALPZF3\\wowclient-downloader[1].exe:*:Enabled:Blizzard Downloader"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_23760\\game.exe"="C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_23760\\game.exe:*:Enabled:game"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_41279\\pong3.exe"="C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_41279\\pong3.exe:*:Enabled:pong3"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_64269\\pong3.exe"="C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_64269\\pong3.exe:*:Enabled:pong3"
"C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_85484\\pong3.exe"="C:\\Documents and Settings\\Patrik\\Local Settings\\Temp\\gm_ttt_85484\\pong3.exe:*:Enabled:pong3"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe:*:Enabled:Java(TM) Platform SE binary"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Patrik\Application Data
CommonProgramFiles=C:\Program Files\Common Files
HOMEPATH=\Documents and Settings\Patrik
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Sony\SimpleDVDMaker\AS_Libs;C:\Program Files\Common Files\GTK\2.0\bin
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
ProgramFiles=C:\Program Files
USERPROFILE=C:\Documents and Settings\Patrik

-- User Profiles ---------------------------------------------------------------

Patrik (admin)
lsdfjkhfkljh (new local, admin)
dfgh (new local, admin)
jhfk (new local, admin)
hgfk (new local, admin)
hjjdsjk (new local, admin)
dfhhd (new local, admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\System32\UninstIPP.isu
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {8855FF30-19CE-4CB1-A654-87B38369CCE1}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3BB529C7-855D-11D7-8444-0050BA1D384D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop Elements --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop Elements\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop Elements\Uninst.dll"
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AGEIA PhysX v2.4.4 --> "C:\Program Files\AGEIA Technologies\uninstall.exe"
Agnitum Outpost Firewall Pro --> C:\PROGRA~1\Agnitum\OUTPOS~1.0\uninst.exe
AIM 6.0 --> C:\Program Files\AIM6\uninst.exe
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Belkin Bluetooth Software --> MsiExec.exe /X{FE90E9E7-A158-4687-8853-DF677A939A61}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.3 --> "C:\Program Files\Cheat Engine\unins000.exe"
DesktopX --> C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG
Dev-C++ 4 --> C:\WINDOWS\uninst.exe -fC:\Dev-C++\DeIsL1.isu -cC:\Dev-C++\_ISREG32.DLL
DigitalPrint 1.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2069DE3-5924-4766-A385-CDA273885A31}\setup.exe" /Uninstall
Dinosaur Adventure 3-D --> C:\WINDOWS\IsUninst.exe -fC:\KA\DINO3D4\DeIsL1.isu
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVDit! LE --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B24D221-448E-11D4-A499-0050DA6E827C}\Setup.exe" -L0x9
DVgate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{29F61465-428A-11D4-B646-00C04F790F76}\setup.exe"
EAX Unified --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\EAX Unified\Uninst.isu"
EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Experience VAIO --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7443EC4E-DCEB-4B10-8888-CBFB5E7108D9}\setup.exe"
Game Maker 7.0 --> C:\Program Files\Game_Maker7\Uninstal.exe
HijackThis 1.99.1 --> C:\Program Files\HijackThis\HijackThis.exe /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel(R) Integrated Performance Primitives RTI 4.0 --> MsiExec.exe /X{51C91B84-7B46-4FE7-8999-8228CFA75F89}
iPod for Windows 2006-03-23 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2070F79D-46BC-4EEA-8F02-9B4DCABAE7CB} /l1033
Java DB --> MsiExec.exe /X{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Development Kit 6 Update 2 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160020}
LimeWire 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe"
Lucent Technologies Soft Modem AMR --> ltremove
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MovieShaker 3.3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4A49B00-02F8-11D5-B64D-00C04F790F76}\setup.exe"
Mozilla Firefox ( --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Music Visualizer Library --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}\setup.exe"
NetBeans IDE 5.5.1 --> C:\Program Files\netbeans-5.5.1\_uninst\uninstaller.exe
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvsyj.inf
OpenMG Secure Module 3.0.03 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E84D2015-4FEB-40CC-A2DD-1A6B8BAC2429}\setup.exe" UNINSTALL
Panda TotalScan --> C:\Program Files\Panda Security\TotalScan\ascuninst.exe
PicoPlayer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC3ADBE9-5556-4612-8357-5225C8F9E19F}\setup.exe"
PicoPlayer Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C70C75F-A265-4C62-B90F-8F80AA69F262}\setup.exe"
PicoPlayerSplashScreen --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00609F70-5043-4C20-895A-D6EF7ACE9304}\setup.exe"
Portable Media Center --> MsiExec.exe /X{AB8C3502-1033-4B94-98DD-087D19BF72A3}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Presto! VideoWorks 6 (VCD Version) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B0C0F5E6-10B1-11D6-9296-0050BA073EEC}\SETUP.EXE" -l0x9
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
RealProducer Basic 8.5 --> C:\Program Files\Real\RealProducer\rnuninst.exe RealNetworks|RealProducer|8.5
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sid Meier's Alpha Centauri --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Firaxis Games\Sid Meier's Alpha Centauri\Uninst.isu"
Simple DVD Maker 1.2 (with Dolby Digital) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ABD19550-1A16-40FC-AAB1-89A9F485B265}\Setup.exe"
SiS Audio Driver --> C:\Progra~1\SiS7012\Uninst\uninst2k.exe PCI\VEN_1039&DEV_7012
SiS Compatible VGA V2.07f.01 --> RUNDLL32 setuplib.dll,UnInstall ,315&ISUNINST -f"C:\PROGRA~1\SISCOM~1.01\DeIsL1.isu"&P.U 4 sisgr.inf&-1
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R,oem21.inf
SiSAGP driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x9
Smart Capture --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B6F4C00-E935-11D3-A98A-0080986030D9}\setup.exe"
SonicStage 1.2.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E535DC62-56D6-11D5-8AE3-00105A7276CD}\setup.exe" UNINSTALL
SonicStage CD-R Writing Module --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EE377F9-1FBC-440E-82EB-7B8A1EDDEE52}\setup.exe"
Sony Certificate PCH --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0448678-1203-4158-A58F-B3D0B616BF9E}\setup.exe"
Sony DV Shared Library --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6990A2BF-D1D2-11D3-81BC-00609789C908}\setup.exe"
Sony on Yahoo! Essentials --> C:\Program Files\Yahoo!\unwise.exe C:\progra~1\yahoo!\install.log
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Sunbelt Personal Firewall --> MsiExec.exe /X{BFD080F6-3BF0-40E1-9507-9CA969C35870}
SUPER © Version 2007.bld.23 (July 4, 2007) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Support Actions Win2K,WinXP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48BE827A-2D06-4804-90C3-4F2F8460F9D4}\setup.exe"
The GIMP 2.2.14 --> "C:\Program Files\GIMP-2.0\unins000.exe"
VAIO Action Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C67D8C0-F0EC-11D3-99D3-00C04FCCB775}\setup.exe"
VAIO Brezza Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACEC9C3E-0100-4EBE-B298-35A2145828A0}\setup.exe"
VAIO Clock Screen Saver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B9FBAE1-5016-4F14-B452-E6874A3C1284}\setup.exe"
VAIO Grid Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21CF3E6E-1659-433E-B6CE-165D793560DA}\setup.exe"
VAIO Help & Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6060E6A1-5342-4D2B-8F66-B6D6E20BBD03}\setup.exe"
VAIO Registration --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6DF804A8-2CC2-4D22-A958-4534F6EC3C76}\setup.exe"
VAIO Serenus Wallpaper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802EF464-4992-42B3-8434-45151AD3C933}\setup.exe"
VAIO Support --> "c:\program files\support.com\client\bin\tgfix.exe" /rm /nq
VAIO System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD7D5804-C157-48A6-AEE0-4A40A4B5C054}\setup.exe"
VERITAS RecordNow DX --> MsiExec.exe /I{8855FF30-19CE-4CB1-A654-87B38369CCE1}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WordPerfect Office 2002 OEM --> C:\WINDOWS\Corel\uninst32.exe

-- Application Event Log -------------------------------------------------------

Event Record #/Type1564 / Error
Event Submitted/Written: 09/25/2007 05:09:21 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16512, faulting module flash9b.ocx, version, fault address 0x000561fa.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type1560 / Error
Event Submitted/Written: 09/25/2007 04:23:48 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application taskmgr.exe, version 5.1.2600.2180, hang module hungapp, version, hang address 0x00000000.

Event Record #/Type1553 / Error
Event Submitted/Written: 09/24/2007 09:49:09 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16512, faulting module flash9b.ocx, version, fault address 0x00056373.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type1552 / Error
Event Submitted/Written: 09/24/2007 06:47:55 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16512, faulting module flash9b.ocx, version, fault address 0x00002189.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type1551 / Error
Event Submitted/Written: 09/24/2007 05:19:49 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application taskmgr.exe, version 5.1.2600.2180, hang module hungapp, version, hang address 0x00000000.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type16585 / Warning
Event Submitted/Written: 09/25/2007 04:57:25 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type16583 / Error
Event Submitted/Written: 09/25/2007 04:47:44 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {A1F4E726-8CF1-11D1-BF92-0060081ED811} did not register with DCOM within the required timeout.

Event Record #/Type16539 / Error
Event Submitted/Written: 09/25/2007 04:04:18 PM
Event ID/Source: 29 / W32Time
Event Description:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Event Record #/Type16538 / Error
Event Submitted/Written: 09/25/2007 04:04:18 PM
Event ID/Source: 17 / W32Time
Event Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Event Record #/Type16537 / Warning
Event Submitted/Written: 09/25/2007 04:04:17 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000C413829C0. The following
error occurred:
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

-- End of Deckard's System Scanner: finished at 2007-09-25 18:59:12 ------------


Deckard's System Scanner v20070905.67
Run by Patrik on 2007-09-25 18:04:09
Computer is in Normal Mode.

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
14: 2007-09-25 22:04:22 UTC - RP103 - Deckard's System Scanner Restore Point
13: 2007-09-25 19:16:56 UTC - RP102 - System Checkpoint
12: 2007-09-23 17:05:30 UTC - RP101 - System Checkpoint
11: 2007-09-20 00:48:43 UTC - RP100 - System Checkpoint
10: 2007-09-19 00:27:34 UTC - RP99 - System Checkpoint

-- First Restore Point --
1: 2007-08-26 16:54:45 UTC - RP90 - System Checkpoint

Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 480 MiB (512 MiB recommended).
System Drive C: has 0.33 GiB (less than 15%) free.

-- HijackThis (run as Patrik.exe) ----------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-09-25 18:05:14
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)

Running processes:
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Common Files\stardock\SDMCP.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Documents and Settings\Patrik\Local Settings\Temporary Internet Files\Content.IE5\REX6AMY6\dss[1].exe

R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKEY_LOCAL_MACHINE\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKEY_LOCAL_MACHINE\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKEY_LOCAL_MACHINE\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKEY_LOCAL_MACHINE\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKEY_LOCAL_MACHINE\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKEY_LOCAL_MACHINE\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: hc_tray.lnk = C:\Program Files\Kuma Games\hcsystray\hc_tray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - (file missing)
O9 - Extra 'Tools' menuitem: (no name) - {44627E97-789B-40d4-B5C2-58BD171129A1} - (file missing)
O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} () - https://components.viewpoint.com/MTSIns ... xpId=4411&
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shoc ... tor/sw.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9906180903
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_02) - http://javadl-esd.sun.com/update/1.6.0/ ... 586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/sh ... wflash.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\stardock\MCPStub.dll
O21 - SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files\Common Files\stardock\MCPCore.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20070729-100004-763 O4 - HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\Agnitum\OUTPOS~1.0\feedback.exe /dump:os_startup
backup-20070729-100004-908 O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
backup-20070729-100526-864 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~1\Patrik\Desktop\SPYBOT~1\SDHelper.dll (file missing)

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 Achernar (Achernar - SCSI Command Filters) - c:\windows\system32\drivers\achernar.sys <Not Verified; An Chen Computer Co., Ltd.; Achernar>
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys
R2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys <Not Verified; WIDCOMM, Inc.; Bluetooth Software 1.4.2 Build 10>
R3 Aldebaran (Aldebaran - SCSI Command Filters) - c:\windows\system32\drivers\aldebaran.sys <Not Verified; An Chen Computer Co., Ltd.; Aldebaran>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>

S3 XDva025 - c:\windows\system32\xdva025.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Files created between 2007-08-25 and 2007-09-25 -----------------------------

2007-09-20 19:26:06 0 d-------- C:\Program Files\Panda Security
2007-08-31 22:10:39 0 d-------- C:\Documents and Settings\Patrik\JavaApplication1
2007-08-31 22:07:58 0 d-------- C:\Documents and Settings\Patrik\.netbeans
2007-08-31 20:38:38 0 d-------- C:\Program Files\netbeans-5.5.1
2007-08-28 15:16:17 0 d-------- C:\Program Files\Game_Maker7
2007-08-28 12:43:13 0 d-------- C:\Program Files\J2ME-Polish

-- Find3M Report ---------------------------------------------------------------

2007-09-25 17:27:20 0 d-------- C:\Documents and Settings\Patrik\Application Data\LimeWire
2007-09-25 17:24:12 0 d-------- C:\Program Files\Cheat Engine
2007-09-25 16:05:24 0 d-------- C:\Documents and Settings\Patrik\Application Data\AVG7
2007-08-31 20:53:49 0 d-------- C:\Program Files\Java
2007-08-31 20:34:51 0 d-------- C:\Program Files\Common Files
2007-08-31 20:34:51 0 d-------- C:\Program Files\Common Files\InstallShield
2007-08-26 21:47:19 0 d-------- C:\Documents and Settings\Patrik\Application Data\Corel
2007-08-21 17:58:42 0 d-------- C:\Program Files\LimeWire
2007-08-16 10:04:51 0 d-------- C:\Program Files\AviSynth 2.5
2007-08-16 10:03:39 0 d-------- C:\Program Files\eRightSoft
2007-08-11 22:09:24 0 d-------- C:\Documents and Settings\Patrik\Application Data\Talkback
2007-08-11 22:09:11 0 d-------- C:\Documents and Settings\Patrik\Application Data\Mozilla
2007-08-11 22:08:11 0 d-------- C:\Program Files\DivX
2007-08-11 13:56:18 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-09 13:23:47 0 d-------- C:\Program Files\Sun
2007-08-08 19:28:16 0 d-------- C:\Program Files\AGEIA Technologies
2007-08-03 22:49:36 0 d-------- C:\Program Files\QuickTime
2007-08-03 11:16:11 0 d-------- C:\Program Files\SiS VGA Utilities V3.73
2007-08-03 11:14:38 0 d-------- C:\Program Files\sisagp
2007-08-03 11:14:24 1 --a------ C:\WINDOWS\~sisRslt
2007-08-02 17:31:06 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-08-02 17:29:13 0 d-------- C:\Program Files\Lavalys
2007-07-29 09:47:30 0 d-------- C:\Program Files\Sunbelt Software
2007-07-29 09:41:43 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-07-29 09:40:35 0 d-------- C:\Program Files\Common Files\Agnitum Shared
2007-07-28 10:38:37 0 d-------- C:\Program Files\CCleaner
2007-07-27 19:48:59 0 d-------- C:\Program Files\Belkin
2007-07-15 10:21:56 0 --a------ C:\AUTOEXEC.BAT
2007-07-04 11:36:03 297 --a------ C:\WINDOWS\EReg072.dat
2007-07-01 09:15:44 4608 --a------ C:\WINDOWS\system32\w95inf32.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2007-07-01 09:15:44 2272 --a------ C:\WINDOWS\system32\w95inf16.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

"LTSMMSG"="LTSMMSG.exe" [03/29/2002 07:07 PM C:\WINDOWS\LTSMMSG.exe]
"SiS Tray"="" []
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" []
"NvCplDaemon"="NvQTwk" []
"CleanupProgram"="C:\Sonysys\cleanup.exe" []
"QuickFinder Scheduler"="C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE" [10/02/2001 02:36 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/13/2007 07:02 PM]
"SiSPower"="SiSPower.dll" [03/09/2006 03:04 AM C:\WINDOWS\system32\SiSPower.dll]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [08/03/2007 10:49 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"Aim6"="" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll 01/31/2005 04:13 PM 49152 C:\PROGRA~1\COMMON~1\stardock\MCPStub.dll


@="Volume shadow copy"

AutoRun\command- L:\JDSecure\Windows\JDSecure20.exe

-- End of Deckard's System Scanner: finished at 2007-09-25 18:59:12 ------------

do I do the kasperly scanner too?
Regular Member
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby Katana » September 25th, 2007, 9:36 pm

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

LimeWire 4.12.11

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Also available here.

My recommendation is you go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please note: you must NOT use this whilst we are cleaning your machine.

Have you created any new user accounts recently ?
lsdfjkhfkljh (new local, admin)
dfgh (new local, admin)
jhfk (new local, admin)
hgfk (new local, admin)
hjjdsjk (new local, admin)
dfhhd (new local, admin)

Submit a File For Analysis
We need to have the files below Scanned by Uploading them/it to Jotti

Please visit Jotti
Copy/paste the the following file path into the window
Click Submit/Send File
Please post back, to let me know the results.

Please do the same for the following file

If Jotti is too busy please try Virustotal

Yes, Please do the Kaspersky scan

Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • Do you know about the user accounts
  • Jotti/Virus Total reports for the 3 Files
  • Kaspersky Log
  • How are things running now ?
User avatar
MRU Teacher Emeritus
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby gamerking#1 » September 27th, 2007, 7:58 pm

ok all were fine exept for C:\AUTOEXEC.BAT which gave me the message:
The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file

I was playing a game sherwood and to make other accounts you needed to make other accounts on my pc but i got tired of the game and deleted the accounts.

the kaspersky log wont work it shows it cannot be displayed...

the computer is running fine exept it doesnt turn of , the shut down button does nothing and it takes 15 minutes for the computer to turn on... :(
Regular Member
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Unread postby Katana » September 28th, 2007, 7:27 am

The scans we have done show that there is no malware on your PC.
Your problems are either a corrupted OS because of all the tinkering that has been going on for the last year, or hardware related.

Your options are
1) Reformat and reinstall your OS

2) Seek help at a hardware forum.

There is nothing else that I can help you with.
User avatar
MRU Teacher Emeritus
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby gamerking#1 » September 28th, 2007, 9:05 am

oh... well thanks anyway
Regular Member
Posts: 96
Joined: April 16th, 2007, 4:14 pm
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware