Trojan.Win32.Agent.Akk System Error Message Appearing!

Discussion in 'Malware and Virus Removal Archive' started by wirekid29, 2007/12/05.

  1. 2007/12/05
    wirekid29

    wirekid29 Inactive Thread Starter

    Joined:
    2007/10/22
    Messages:
    12
    Likes Received:
    0
    Hey guys, I seem to have been infected with some type of trojan horse. Every time I attempt to open a folder or Windows Explorer, I get an error message stating that:

    "Critical System Error!
    Your browser was hijacked by Trojan.Win32.Agent.akk
    You need to clean your system immediately, in other case it can be crashed soon!
    Click OK to download the high-tech antispyware protection software! (recommended)"
    Then I can click "OK" or "Cancel".

    I have run AVG scans a few times, as well as AdAware and Spybot. They find other infections but not that one.

    I am posting my HijackThis log; I would be very happy if I can get some help.

    Thank you...


    Hijack This Log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:24:33 PM, on 05/12/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16546)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Users\Patrick\Desktop\HiJackThis.exe
    C:\Windows\system32\conime.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\Windows\System32\sysvideo32.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe "
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe "
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe "
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 7885 bytes
     
  2. 2007/12/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi wirekid29 :)

    Download Deckard's System Scanner (dss.exe) and save it to your desktop.
    • Close all applications and windows.
    • Double click on dss.exe to run it and follow the prompts.
    • When the scan is complete, two text files will open: main.txt, which will be maximized, and extra.txt, which will be minimized.
    Post the contents of main.txt only for now.
     

  4. 2007/12/06
    wirekid29

    wirekid29 Inactive Thread Starter

    Joined:
    2007/10/22
    Messages:
    12
    Likes Received:
    0
    Dss Log

    Here is the log you have asked for. Thank you for your time and contributions.

    DSS Main Log

    Deckard's System Scanner v20071014.68
    Run by Patrick on 2007-12-06 18:54:11
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------



    -- HijackThis (run as Patrick.exe) ---------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:54:13 PM, on 06/12/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16546)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\BitLord\BitLord.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Patrick\Desktop\dss.exe
    C:\Users\Patrick\Patrick.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\Windows\System32\sysvideo32.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe "
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe "
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe "
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 8407 bytes

    -- Files created between 2007-11-06 and 2007-12-06 -----------------------------

    2007-12-05 22:03:07 0 d-------- C:\Program Files\Sunbelt Software
    2007-12-05 11:57:40 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
    2007-12-05 09:40:06 230912 --a------ C:\Windows\system32\sysvideo32.dll <Not Verified; 3gp.org; >
    2007-11-28 22:37:37 0 d-------- C:\Users\Patrick\Copy Cat Cookbook
    2007-11-28 22:36:29 0 d-------- C:\Users\Patrick\Drawings
    2007-11-28 10:45:39 0 d-------- C:\Program Files\SolidWorks (2)
    2007-11-28 10:43:51 0 d-------- C:\SolidWorks Data
    2007-11-28 10:31:18 0 d-------- C:\Program Files\DWGeditor
    2007-11-28 09:20:38 0 d-------- C:\Program Files\PeerGuardian2
    2007-11-28 08:54:17 0 d-------- C:\Program Files\SolidWorks
    2007-11-28 08:52:42 0 d-------- C:\Program Files\MSECache
    2007-11-28 08:49:59 0 d-------- C:\Program Files\Common Files\SolidWorks Installation Manager
    2007-11-28 08:49:07 0 d-------- C:\Windows\SolidWorks
    2007-11-27 22:04:21 225280 --a------ C:\Windows\system32\rewire.dll <Not Verified; Propellerhead Software AB; ReWire>
    2007-11-27 22:03:18 0 d-------- C:\Program Files\Steinberg
    2007-11-27 22:03:18 0 d-------- C:\Program Files\Image-Line
    2007-11-27 21:59:35 1777664 --a------ C:\Windows\system32\gdiplus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
    2007-11-27 09:05:08 0 d-------- C:\Program Files\Common Files\Adobe
    2007-11-27 08:47:28 0 d-------- C:\Program Files\MagicISO
    2007-11-26 20:30:37 0 d-------- C:\Program Files\Sony
    2007-11-26 20:29:20 0 d-------- C:\Program Files\Sony Setup
    2007-11-23 18:49:21 0 d-------- C:\Users\Patrick\NDS Roms
    2007-11-21 20:02:52 0 d-------- C:\Program Files\SystemRequirementsLab
    2007-11-21 17:01:37 0 d-------- C:\Users\All Users\Grisoft
    2007-11-21 17:01:37 0 d-------- C:\Users\All Users\avg7
    2007-11-21 14:51:16 0 d-------- C:\Program Files\QuickTime
    2007-11-21 14:51:13 0 d-------- C:\Users\All Users\Apple Computer
    2007-11-21 14:50:28 0 d-------- C:\Users\All Users\Apple
    2007-11-21 14:50:28 0 d-------- C:\Program Files\Apple Software Update
    2007-11-20 22:46:01 0 d-------- C:\Program Files\Bethesda Softworks
    2007-11-20 21:07:59 0 d-------- C:\Program Files\HP Games
    2007-11-20 18:45:02 0 d-------- C:\Users\Patrick\Sat Files
    2007-11-20 18:44:57 0 d-------- C:\Users\Patrick\Homework
    2007-11-20 13:19:19 0 d--hs---- C:\System Volume Information
    2007-11-20 08:44:10 0 d-------- C:\Program Files\Microsoft.NET
    2007-11-20 08:41:21 0 d-------- C:\Program Files\Microsoft Visual Studio 8
    2007-11-20 08:39:29 0 dr-h----- C:\MSOCache
    2007-11-20 08:33:03 0 d-------- C:\Program Files\Lavasoft
    2007-11-20 01:42:19 0 d-------- C:\Users\All Users\muvee Technologies
    2007-11-20 01:41:48 0 d-------- C:\Users\All Users\TEMP
    2007-11-20 01:39:17 0 d-------- C:\Program Files\Veoh Networks
    2007-11-20 01:36:57 0 d-------- C:\Program Files\Common Files\PX Storage Engine
    2007-11-20 01:36:55 0 d-------- C:\Program Files\DivX
    2007-11-20 01:13:52 0 d-------- C:\Program Files\BitLord
    2007-11-20 01:12:50 0 d-------- C:\Users\Patrick\Shared
    2007-11-20 01:12:48 0 d-------- C:\Users\Patrick\Incomplete
    2007-11-20 01:12:26 0 d-------- C:\Program Files\LimeWire
    2007-11-20 00:54:55 0 d-------- C:\Users\All Users\Messenger Plus!
    2007-11-20 00:47:34 0 d-------- C:\Program Files\Messenger Plus! Live
    2007-11-20 00:43:01 0 d-------- C:\Windows\PCHEALTH
    2007-11-20 00:09:33 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-11-20 00:08:40 0 d-------- C:\Program Files\Mozilla Thunderbird
    2007-11-20 00:05:47 0 d-------- C:\Program Files\MSXML 4.0
    2007-11-19 23:58:33 0 --a------ C:\Windows\nsreg.dat
    2007-11-19 23:42:24 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
    2007-11-19 23:41:48 0 d-------- C:\Program Files\Windows Live
    2007-11-19 23:41:07 0 d-------- C:\Users\All Users\WLInstaller
    2007-11-19 22:38:21 0 dr------- C:\Users\Patrick\Searches
    2007-11-19 22:38:07 0 dr------- C:\Users\Patrick\Contacts
    2007-11-19 22:35:47 44 --a------ C:\Windows\system\hpsysdrv.dat
    2007-11-19 22:30:30 81 --a------ C:\Windows\system32\LOG
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Templates
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Start Menu
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\SendTo
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Recent
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\PrintHood
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\NetHood
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\My Documents
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Local Settings
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Cookies
    2007-11-19 22:30:24 0 d--hs---- C:\Users\Patrick\Application Data
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Videos
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Saved Games
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Pictures
    2007-11-19 22:30:23 3932160 --ahs---- C:\Users\Patrick\ntuser.dat
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Music
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Links
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Favorites
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Downloads
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Documents
    2007-11-19 22:30:23 0 dr------- C:\Users\Patrick\Desktop
    2007-11-19 22:30:23 0 d--h----- C:\Users\Patrick\AppData
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Templates
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Start Menu
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\SendTo
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Recent
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\PrintHood
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\NetHood
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\My Documents
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Local Settings
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Cookies
    2007-11-19 22:24:01 0 d--hs---- C:\Users\Default\Application Data
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Templates
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Start Menu
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Favorites
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Documents
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Desktop
    2007-11-19 22:24:01 0 d--hs---- C:\Users\All Users\Application Data
    2007-11-19 22:24:01 0 d--hs---- C:\Documents and Settings


    -- Find3M Report ---------------------------------------------------------------

    2007-12-06 17:02:40 54503 --a------ C:\Users\Patrick\AppData\Roaming\nvModes.001
    2007-12-05 22:07:12 0 d-------- C:\Users\Patrick\AppData\Roaming\Sunbelt Software
    2007-12-05 14:58:29 54503 --a------ C:\Users\Patrick\AppData\Roaming\nvModes.dat
    2007-12-05 09:39:48 0 d-------- C:\Users\Patrick\AppData\Roaming\AVG7
    2007-12-04 16:30:13 0 d-------- C:\Users\Patrick\AppData\Roaming\LimeWire
    2007-12-01 16:31:30 0 d-------- C:\Users\Patrick\AppData\Roaming\IM
    2007-12-01 16:29:37 0 d-------- C:\Program Files\Common Files
    2007-11-30 15:18:09 0 d-------- C:\Users\Patrick\AppData\Roaming\U3
    2007-11-28 09:24:05 0 d-------- C:\Users\Patrick\AppData\Roaming\SolidWorks
    2007-11-28 09:24:03 0 d-------- C:\Users\Patrick\AppData\Roaming\SolidWorks 2008
    2007-11-28 09:03:58 0 d-------- C:\Users\Patrick\AppData\Roaming\DWGeditor
    2007-11-27 08:52:55 0 d-------- C:\Users\Patrick\AppData\Roaming\Sony
    2007-11-26 20:42:30 0 d-------- C:\Users\Patrick\AppData\Roaming\Publish Providers
    2007-11-26 20:42:30 0 d-------- C:\Users\Patrick\AppData\Roaming\NetMedia Providers
    2007-11-21 20:02:53 0 d-------- C:\Users\Patrick\AppData\Roaming\SystemRequirementsLab
    2007-11-21 10:41:22 0 d-------- C:\Program Files\Microsoft Games
    2007-11-20 23:10:43 0 d-------- C:\Users\Patrick\AppData\Roaming\DivX
    2007-11-20 21:36:22 0 d-------- C:\Users\Patrick\AppData\Roaming\Hewlett-Packard
    2007-11-20 20:36:03 0 d-------- C:\Users\Patrick\AppData\Roaming\Adobe
    2007-11-20 08:45:26 0 d-------- C:\Program Files\Microsoft Works
    2007-11-20 08:45:13 0 d-------- C:\Program Files\MSBuild
    2007-11-20 08:33:14 0 d-------- C:\Users\Patrick\AppData\Roaming\Lavasoft
    2007-11-20 01:42:52 0 d-------- C:\Users\Patrick\AppData\Roaming\Roxio
    2007-11-20 01:42:27 0 d-------- C:\Users\Patrick\AppData\Roaming\muvee Technologies
    2007-11-20 00:50:08 0 d-------- C:\Program Files\Windows Mail
    2007-11-20 00:08:54 0 d-------- C:\Users\Patrick\AppData\Roaming\Mozilla
    2007-11-20 00:08:53 0 d-------- C:\Users\Patrick\AppData\Roaming\Thunderbird
    2007-11-19 23:25:15 0 d-------- C:\Program Files\Yahoo!
    2007-11-19 23:16:00 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2007-11-19 22:59:34 0 d-------- C:\Users\Patrick\AppData\Roaming\CyberLink
    2007-11-19 22:59:15 0 d-------- C:\Users\Patrick\AppData\Roaming\HP
    2007-11-19 22:58:33 0 d-------- C:\Users\Patrick\AppData\Roaming\Real
    2007-11-19 22:38:11 0 d-------- C:\Users\Patrick\AppData\Roaming\Identities
    2007-11-19 22:33:25 0 d-------- C:\Users\Patrick\AppData\Roaming\Macromedia
    2007-10-19 19:56:16 3596288 --a------ C:\Windows\system32\qt-dx331.dll
    2007-10-19 19:54:28 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2007-10-19 19:54:28 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
    2007-10-19 19:54:12 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2007-10-19 19:54:12 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2007-10-19 19:54:12 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2007-10-19 19:54:10 739840 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2007-10-18 04:02:34 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]
    05/12/2007 09:40 AM 230912 --a------ C:\Windows\System32\sysvideo32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender "= "C:\Program Files\Windows Defender\MSASCui.exe" [06/08/2007 02:54 AM]
    "SynTPEnh "= "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [12/01/2007 10:36 PM]
    "QPService "= "C:\Program Files\HP\QuickPlay\QPService.exe" [23/04/2007 08:11 PM]
    "QlbCtrl "= "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [13/02/2007 01:38 PM]
    "HP Health Check Scheduler "= "C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [12/03/2007 01:54 PM]
    "NvSvc "= "C:\Windows\system32\nvsvc.dll" [08/07/2007 09:57 PM]
    "NvCplDaemon "= "C:\Windows\system32\NvCpl.dll" [08/07/2007 09:57 PM]
    "NvMediaCenter "= "C:\Windows\system32\NvMcTray.dll" [08/07/2007 09:57 PM]
    "hpWirelessAssistant "= "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [01/03/2007 03:18 PM]
    "WAWifiMessage "= "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [10/01/2007 06:12 PM]
    "HP Software Update "= "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [17/02/2005 01:11 AM]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [06/08/2007 04:26 AM]
    "GrooveMonitor "= "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [27/10/2006 12:47 AM]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [19/10/2007 08:16 PM]
    "AVG7_CC "= "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [21/11/2007 05:01 PM]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AWMON "= "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe" [25/05/2005 12:12 PM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
    "Launcher "=%WINDIR%\SMINST\launcher.exe

    C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [17/09/2007 9:19:14 AM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 21/11/2007 05:01 PM 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
    @= "Driver "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @= "Volume shadow copy "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
    @= "IEEE 1394 Bus host controllers "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
    @= "SBP2 IEEE 1394 Devices "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
    @= "SecurityDevices "

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1584e613-9795-11dc-aef8-806e6f6e6963}]
    AutoRun\command- E:\OblivionLauncher.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    C:\Windows\system32\unregmp2.exe /ShowWMP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



    -- End of Deckard's System Scanner: finished at 2007-12-06 18:54:38 ------------
     
  5. 2007/12/06
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Please upload the following file to my submission channel. Leave a link back to this topic.

    C:\Windows\System32\sysvideo32.dll

    Thanks!

    Please create a new folder on your desktop named HJT, then move HijackThis.exe to the new folder and run it from there. Right click HijackThis.exe and select 'Run as Administrator'. Open it to the Misc. Tools section. Click the 'Delete a file on reboot' button. Browse to and select the following file then click Open.

    C:\Windows\System32\sysvideo32.dll

    You will be prompted to Restart the system. Close all open applications and windows then click Yes to restart.

    Upon restart, scan again with HijackThis (Run as Administrator) and place a check next to the following entries, then click Fix Checked.


    O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\Windows\System32\sysvideo32.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


    Reboot 1 more time please, then create a new HijackThis log and post it here. Let me know if the symptoms have cleared.
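
The following Python is an added example, not part of the original post and not HijackThis's own code. It parses `O2 - BHO` lines like the two listed above, flags entries worth reviewing, and compares a post-reboot log against the earlier one to confirm the flagged CLSIDs are gone. The triage heuristics, the third sample line and the `AFTER` log are assumptions constructed for the example.

```python
import re

# HijackThis O2 format: "O2 - BHO: <name> - {CLSID} - <dll path | (no file)>"
O2_RE = re.compile(
    r"^\s*O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+?)\s*$")

def parse_bhos(log_text):
    """Return {CLSID: (name, target)} for every O2 line in a HijackThis log."""
    found = {}
    for line in log_text.splitlines():
        m = O2_RE.match(line)
        if m:
            found[m["clsid"].upper()] = (m["name"], m["target"])
    return found

def review_reasons(name, target):
    """Triage heuristics (assumptions of this example, not HijackThis output)."""
    reasons = []
    if target == "(no file)":
        reasons.append("orphaned: CLSID registered but DLL missing")
    elif re.match(r"(?i)^[a-z]:\\windows\\system32\\[^\\]+\.dll$", target):
        reasons.append("DLL sits directly in System32, not a vendor folder")
    if name == "(no name)":
        reasons.append("no display name")
    return reasons

def flagged(log_text):
    return {c: r for c, (n, t) in parse_bhos(log_text).items()
            if (r := review_reasons(n, t))}

def still_present(before_log, after_log):
    """CLSIDs flagged before the fix that survive in the post-reboot log."""
    return sorted(set(flagged(before_log)) & set(parse_bhos(after_log)))

# The first two O2 lines are from the thread; the third is constructed.
BEFORE = r"""
O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\Windows\System32\sysvideo32.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
"""
# Constructed post-reboot log in which one flagged entry came back.
AFTER = r"""
O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\Windows\System32\sysvideo32.dll
"""

if __name__ == "__main__":
    print("flagged:", flagged(BEFORE))
    print("survived fix:", still_present(BEFORE, AFTER))
```

A non-empty result from `still_present` means the registration was recreated after the reboot, which points to another component still running.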
     
  6. 2007/12/11
    wirekid29

    wirekid29 Inactive Thread Starter

    Joined:
    2007/10/22
    Messages:
    12
    Likes Received:
    0
    There is an issue: my system won't let me access the system32/sysvideo32.dll file. Apparently I do not have privileges to mess around with that file.
     
  7. 2007/12/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Download FixIEDef.exe by ShadowPuterDude and save it to your desktop.

    Double-click FixIEDef.exe then click Extract. This will create a folder named FixIEDef on your Desktop.

    Open the FixIEDef folder, locate FixIEDef.bat and double-click on it. (Vista Users - right click on the batch file and select "Run as Administrator")

    IMPORTANT: FixIEDef will kill all copies of Internet Explorer and Explorer that are running. The icons and Start Menu on your Desktop will not be visible while FixIEDef is running. This is necessary to remove parts of the infection that would otherwise not be removed. FixIEDef will re-start Explorer at the end of the removal process.

    NOTE: You will need to temporarily disable any programs you have running that will block attempts to edit the registry, such as Spybot's TeaTimer, WinPatrol, etc.

    FixIEDef will now run. Close the FixIEDef command window after Explorer has restarted.

    Reboot and create a new dss log then post it here.
     
