
I can't change my background.

Discussion in 'Malware and Virus Removal Archive' started by deus241, 2008/07/08.

  1. 2008/07/08
    deus241

    deus241 Inactive Thread Starter

    Joined:
    2008/07/08
    Messages:
    3
    Likes Received:
    0
    Hello everyone, I'm having some trouble with my desktop background.

    I recently got infected with a Trojan called: TROJ_RENOS.ZQ
    Along with some JOKE_BLUESCREEN programs.

    I have gotten it taken care of (I think...) but on my desktop it says in a blue box: "WARNING! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer."

    I've tried going to Control Panel > Display > Desktop, but the Desktop tab isn't even there!

    Please. Help me out?
     
  2. 2008/07/08
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    deus241- Welcome to the board :)

    Please read this and post the appropriate logs in your next post here in this thread, which I have moved to the Removing Spyware & Viruses forum.
     


  4. 2008/07/08
    deus241

    deus241 Inactive Thread Starter

    Joined:
    2008/07/08
    Messages:
    3
    Likes Received:
    0
    Okay, Thanks Pete!

    I ran DSS and here are the contents of main.txt:

    Deckard's System Scanner v20071014.68
    Run by Boys on 2008-07-08 20:52:37
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 3 Restore Point(s) --
    3: 2008-07-09 01:52:38 UTC - RP7 - Deckard's System Scanner Restore Point
    2: 2008-07-09 01:43:38 UTC - RP6 - Last good restore point
    1: 2008-07-09 01:43:34 UTC - RP5 - System Checkpoint


    Backed up registry hives.
    Performed disk cleanup.



    -- HijackThis (run as Boys.exe) ------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:53:25 PM, on 7/8/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
    C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\lphctklj0e35r.exe
    C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\program files\steam\steam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Xfire\xfire.exe
    C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
    C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\shcrklj0e35r\shcrklj0e35r.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\Documents and Settings\Boys\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Boys.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0071204
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0071204
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe "
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe "
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe "
    O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [lphctklj0e35r] C:\WINDOWS\system32\lphctklj0e35r.exe
    O4 - HKLM\..\Run: [SMrhcpklj0e35r] C:\Program Files\rhcpklj0e35r\rhcpklj0e35r.exe
    O4 - HKLM\..\Run: [SMshcrklj0e35r] C:\Program Files\shcrklj0e35r\shcrklj0e35r.exe
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe "
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Startup: Neverwinter Nights Registration.lnk = C:\NeverwinterNights\NWN\ereg\ATR1.EXE
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1200446198515
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205556246031
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab57176.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{505E4E05-1C35-4D11-989D-8BF2BDFBDDAF}: NameServer = 66.38.0.240,66.38.1.240
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

    --
    End of file - 10782 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
    R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Creative Labs Licensing Service - "c:\program files\common files\creative labs shared\service\creativelicensing.exe" <Not Verified; Creative Labs; Creative Labs Licensing Service>

    S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
    S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


    -- Device Manager: Disabled ----------------------------------------------------

    No disabled devices found.


    -- Scheduled Tasks -------------------------------------------------------------

    2008-07-08 12:39:01 252 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
    2008-05-30 11:45:10 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


    -- Files created between 2008-06-08 and 2008-07-08 -----------------------------

    2008-07-08 20:45:22 0 d-------- C:\Documents and Settings\Boys\Application Data\shcrklj0e35r
    2008-07-08 20:45:19 0 d-------- C:\Program Files\shcrklj0e35r
    2008-07-08 20:42:53 60928 --a------ C:\WINDOWS\system32\blphctklj0e35r.scr
    2008-07-08 10:53:27 0 d-------- C:\Documents and Settings\Boys\.housecall6.6
    2008-07-08 10:44:07 258882 --a------ C:\Documents and Settings\Administrator\REBOOT=ReallySuppress
    2008-07-08 10:44:06 0 d--h----- C:\Documents and Settings\Administrator\Templates
    2008-07-08 10:44:06 0 dr------- C:\Documents and Settings\Administrator\Start Menu
    2008-07-08 10:44:06 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
    2008-07-08 10:44:06 0 dr-h----- C:\Documents and Settings\Administrator\Recent
    2008-07-08 10:44:06 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
    2008-07-08 10:44:06 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
    2008-07-08 10:44:06 0 d--h----- C:\Documents and Settings\Administrator\NetHood
    2008-07-08 10:44:06 0 dr------- C:\Documents and Settings\Administrator\My Documents
    2008-07-08 10:44:06 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
    2008-07-08 10:44:06 0 dr------- C:\Documents and Settings\Administrator\Favorites
    2008-07-08 10:44:06 0 d-------- C:\Documents and Settings\Administrator\Desktop
    2008-07-08 10:44:06 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
    2008-07-08 10:44:06 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
    2008-07-08 10:44:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\Roxio
    2008-07-08 10:44:06 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
    2008-07-08 10:44:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
    2008-07-08 10:44:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\GTek
    2008-07-07 22:46:17 0 d-------- C:\Documents and Settings\Boys\Application Data\rhcpklj0e35r
    2008-07-07 22:46:12 0 d-------- C:\Program Files\rhcpklj0e35r
    2008-07-07 22:45:33 109056 --a------ C:\WINDOWS\system32\lphctklj0e35r.exe
    2008-07-03 07:28:46 0 d-------- C:\Program Files\Delta
    2008-06-26 22:58:40 0 d-------- C:\Program Files\Project64 1.6
    2008-06-26 14:22:18 0 d-------- C:\Program Files\Free Metronome
    2008-06-26 01:21:38 0 d-------- C:\Hi
    2008-06-22 20:11:24 261632 --a------ C:\WINDOWS\uninst.exe <Not Verified; Stirling Technologies, Inc.; InstallSHIELD Deinstaller>
    2008-06-20 15:33:50 0 d-------- C:\Documents and Settings\Boys\Application Data\teamspeak2
    2008-06-20 15:33:38 0 d-------- C:\Program Files\Teamspeak2_RC2
    2008-06-16 22:13:17 0 d-------- C:\Documents and Settings\All Users\Application Data\CCP
    2008-06-16 22:10:25 0 d-------- C:\Program Files\CCP
    2008-06-13 17:33:59 0 d-------- C:\Documents and Settings\Boys\Application Data\Xfire
    2008-06-13 17:33:57 0 d-------- C:\Program Files\Xfire
    2008-06-09 13:59:13 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
    2008-06-08 23:44:13 0 d-------- C:\Documents and Settings\Boys\Application Data\Leadertech
    2008-06-08 23:32:17 0 d-------- C:\NeverwinterNights
    2008-06-08 17:05:55 0 d-------- C:\Documents and Settings\Boys\Application Data\Help
    2008-06-08 09:28:57 0 d-------- C:\Program Files\Starcraft
    2008-06-08 08:26:01 0 d-------- C:\Program Files\Starcraft & Broodwar 1.5.1


    -- Find3M Report ---------------------------------------------------------------

    2008-07-08 20:53:25 0 d-------- C:\Program Files\Steam
    2008-07-08 20:51:04 0 d-------- C:\Program Files\Trend Micro
    2008-07-08 20:43:02 0 d-------- C:\Documents and Settings\Boys\Application Data\LimeWire
    2008-06-27 17:17:43 0 d-------- C:\Program Files\Fracas
    2008-06-27 16:36:39 0 d-------- C:\Documents and Settings\Boys\Application Data\gtk-2.0
    2008-06-26 01:08:14 0 d-------- C:\Documents and Settings\Boys\Application Data\Mozilla
    2008-06-25 21:42:51 0 d-------- C:\Program Files\WOWOWOWO
    2008-06-22 19:26:04 0 d-------- C:\Documents and Settings\Boys\Application Data\Roxio
    2008-06-17 21:05:55 0 d-------- C:\Program Files\World of Warcraft
    2008-06-08 23:37:37 0 d--h----- C:\Program Files\InstallShield Installation Information
    2008-06-04 23:32:14 0 d-------- C:\Program Files\Tetris
    2008-06-03 15:17:34 0 d-------- C:\Program Files\GIMP-2.0
    2008-06-02 21:31:59 0 d-------- C:\Program Files\GameSpy Arcade
    2008-06-01 12:45:22 0 d-------- C:\Documents and Settings\Boys\Application Data\WinRAR
    2008-05-30 11:48:02 0 d-------- C:\Documents and Settings\Boys\Application Data\Apple Computer
    2008-05-30 11:45:27 0 d-------- C:\Program Files\QuickTime
    2008-05-30 11:45:08 0 d-------- C:\Program Files\Apple Software Update
    2008-05-29 15:59:53 0 d-------- C:\Program Files\Audacity
    2008-05-29 05:00:04 0 d-------- C:\Program Files\Cheetah Burner
    2008-05-24 13:47:05 0 d-------- C:\Program Files\Google
    2008-05-17 09:32:01 0 d-------- C:\Program Files\LimeWire
    2008-05-11 12:13:24 0 d-------- C:\Program Files\Microsoft Games
    2008-05-04 04:01:53 1160 --a------ C:\WINDOWS\mozver.dat
    2008-05-02 20:58:03 5120 --a------ C:\Documents and Settings\Boys\Application Data\dvd.bmk


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray "= "C:\WINDOWS\system32\igfxtray.exe" [07/21/2006 05:48 PM]
    "HotKeysCmds "= "C:\WINDOWS\system32\hkcmd.exe" [07/21/2006 05:50 PM]
    "Persistence "= "C:\WINDOWS\system32\igfxpers.exe" [07/21/2006 05:47 PM]
    "SigmatelSysTrayApp "= "stsystra.exe" [07/24/2006 11:20 AM C:\WINDOWS\stsystra.exe]
    "IAAnotif "= "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [07/06/2006 08:15 AM]
    "DMXLauncher "= "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [10/05/2005 04:12 AM]
    "ISUSPM Startup "= "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 12:35 PM]
    "ISUSScheduler "= "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 12:37 PM]
    "@ "=" " []
    "RoxWatchTray "= "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [11/05/2006 12:22 PM]
    "RoxioDragToDisc "= "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [08/17/2006 10:00 AM]
    "pccguide.exe "= "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" [11/21/2006 02:02 PM]
    "dscactivate "= "c:\dell\dsca.exe" [07/30/2007 05:40 AM]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 04:06 AM]
    "Google Desktop Search "= "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [12/03/2007 11:27 PM]
    "ECenter "= "C:\Dell\E-Center\EULALauncher.exe" [05/24/2007 08:03 AM]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
    "lphctklj0e35r "= "C:\WINDOWS\system32\lphctklj0e35r.exe" [07/07/2008 10:45 PM]
    "SMrhcpklj0e35r "= "C:\Program Files\rhcpklj0e35r\rhcpklj0e35r.exe" []
    "SMshcrklj0e35r "= "C:\Program Files\shcrklj0e35r\shcrklj0e35r.exe" [07/08/2008 10:58 AM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ModemOnHold "= "C:\Program Files\NetWaiting\netWaiting.exe" [09/10/2003 03:24 AM]
    "OE_OEM "= "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" [08/04/2006 05:15 PM]
    "DellSupport "= "C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 01:09 PM]
    "MsnMsgr "= "C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [10/18/2007 12:34 PM]
    "Steam "= "c:\program files\steam\steam.exe" [03/27/2008 06:23 PM]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [12/03/2007 11:27 PM]

    C:\Documents and Settings\Boys\Start Menu\Programs\Startup\
    LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [4/18/2008 2:21:09 PM]
    Neverwinter Nights Registration.lnk - C:\NeverwinterNights\NWN\ereg\ATR1.EXE [6/8/2008 11:44:11 PM]
    Xfire.lnk - C:\Program Files\Xfire\xfire.exe [6/26/2008 3:10:40 PM]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [12/3/2007 11:21:20 PM]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoDispBackgroundPage "=1 (0x1)
    "NoDispScrSavPage "=1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "appinit_dlls "=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL


    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05f01247-30a2-11dd-ad63-001d7e05fe96}]
    AutoRun\command- E:\PCConnect.exe

    *Newly Created Service* - GTNDIS5



    -- End of Deckard's System Scanner: finished at 2008-07-08 20:54:02 ------------
     
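    Added triage example (not part of the thread and not a tool the helpers use): a small Python script that reads lines shaped like the HijackThis O4 entries and the DSS registry dump above, flags autostart executables with machine-generated names, groups them by the suffix they share, and reports the Explorer policy values that remove tabs from Control Panel > Display. The sample log is constructed from names in the post; the policy names beyond the two in the log are ones known to exist under that key.

```python
import re
from os.path import basename, splitext

# Constructed sample in the shape of the O4 lines and the registry dump posted
# above (names copied from the thread; this is not a real capture).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe "
O4 - HKLM\..\Run: [lphctklj0e35r] C:\WINDOWS\system32\lphctklj0e35r.exe
O4 - HKLM\..\Run: [SMrhcpklj0e35r] C:\Program Files\rhcpklj0e35r\rhcpklj0e35r.exe
O4 - HKLM\..\Run: [SMshcrklj0e35r] C:\Program Files\shcrklj0e35r\shcrklj0e35r.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage "=1 (0x1)
"NoDispScrSavPage "=1 (0x1)
"""

O4_RE = re.compile(r'^O4 - (HK\w+)\\\.\.\\Run: \[([^\]]+)\] (.+)$')
# DSS prints values as  "Name "=1 (0x1)  with a stray space before the quote.
POLICY_RE = re.compile(r'^"(\w+)\s*"\s*=\s*(\d+)')
# Explorer policy values that hide Control Panel > Display or one of its tabs.
DISPLAY_POLICIES = {"NoDispCPL", "NoDispBackgroundPage", "NoDispScrSavPage",
                    "NoDispAppearancePage", "NoDispSettingsPage"}


def exe_name(path):
    """Basename without extension; quotes and trailing spaces stripped."""
    path = path.strip().strip('"').strip()
    return splitext(basename(path.replace("\\", "/")))[0]


def looks_random(name):
    """Heuristic for the generated names in this thread: 10+ lowercase
    alphanumerics with a digit embedded between letters, so a trailing
    version digit (RoxWatchTray9) is not enough to flag a name."""
    return (len(name) >= 10
            and re.fullmatch(r"[a-z0-9]+", name) is not None
            and re.search(r"\d[a-z]", name) is not None)


def common_suffix(names):
    """Longest suffix shared by every name; one dropper family often
    generates several names around the same random stem."""
    if not names:
        return ""
    shortest = min(names, key=len)
    for i in range(len(shortest)):
        suffix = shortest[i:]
        if all(n.endswith(suffix) for n in names):
            return suffix
    return ""


def triage(log_text):
    """Scan a log excerpt and return the findings a helper would look for."""
    autostarts, flagged, restrictions = [], [], []
    in_policy_key = False
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            hive, value_name, path = m.groups()
            autostarts.append((hive, value_name, path))
            name = exe_name(path)
            if looks_random(name):
                flagged.append((value_name, name, path))
            continue
        if line.startswith("["):  # registry key header in the DSS dump
            in_policy_key = line.lower().endswith(r"\policies\system]")
            continue
        pm = POLICY_RE.match(line) if in_policy_key else None
        if pm and pm.group(1) in DISPLAY_POLICIES and pm.group(2) != "0":
            restrictions.append(pm.group(1))
    return {
        "autostart_count": len(autostarts),
        "suspicious": flagged,
        "family_suffix": common_suffix([n for _, n, _ in flagged]),
        "display_restrictions": restrictions,
        # NoDispBackgroundPage=1 is exactly what removes the Desktop tab.
        "desktop_tab_hidden": "NoDispBackgroundPage" in restrictions,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Run against the full main.txt the same rules also pick up the blphctklj0e35r.scr screensaver, since the DSS file list shares the stem; the script stops at reporting and changes nothing on the machine.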
  5. 2008/07/08
    deus241

    deus241 Inactive Thread Starter

    Joined:
    2008/07/08
    Messages:
    3
    Likes Received:
    0
    I posted the main.txt, but a moderator has to approve of it.

    I should also mention that when I turned on my computer just now, there was a new Malware Protector 2008 program (I know this is something bad because I never downloaded that.)
     
    Last edited: 2008/07/08
  6. 2008/07/10
    rpk

    rpk Inactive

    Joined:
    2008/07/10
    Messages:
    1
    Likes Received:
    0
  7. 2008/07/10
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi deus241

    Please do this.

    Download ComboFix from Here to your Desktop.

    It's best to disable real-time protection applications as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • Vista users right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply
    Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.

    Note - ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

    Note - Combofix makes some changes when run to prevent autorun/autoplay of ALL CDs, floppies and USB devices, to assist with malware removal & increase security. If this is an issue or makes it difficult for you to use those devices, please ask how to reset it.

    Thanks
    Geri
     
  8. 2008/07/20
    Boondocks

    Boondocks Inactive

    Joined:
    2008/07/20
    Messages:
    3
    Likes Received:
    0
    Combofix

    Hi Pete Geri and Deus241,

    I just had the same problem with the bluescreen, ran ComboFix and it seemed to do the trick... however, at the top of the log there is a highlighted statement "This machine does not have a recovery console installed!"
    What exactly is a recovery console and what should I do to rectify this?
    Thanks...

    Regards, Boondocks
     
    Last edited: 2008/07/20
  9. 2008/07/20
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
  10. 2008/07/20
    Boondocks

    Boondocks Inactive

    Joined:
    2008/07/20
    Messages:
    3
    Likes Received:
    0
    Thanks Pete,

    I will go thru the information you provided... How important is it to have this in place?

    Regards,
    Boondocks
     
  11. 2008/07/20
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
  12. 2008/07/20
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    ComboFix checks for the existence of the Recovery Console because the author of CF feels it is very important to have the safety net it provides, and many, many users don't have the means to boot to the RC unless it is pre-installed (lost discs, faulty discs, etc). CF is a very powerful tool, and despite its author working very hard to avoid mishaps with its use, mishaps do happen occasionally. Despite all the self checks and protections written into the tool, there remains a slight chance its use could leave your computer unbootable. With the Recovery Console installed, in the event there is such a mishap, recovering from such a situation is more easily done.

    Malware authors work hard to prevent CF from doing its job, or doing it with the expected results, or cause it to otherwise fail. They have in the past overcome the self checks and protections with methods of their own, and left a machine or 2 unbootable with their attempts to thwart CF. Again, recovery from such a situation, with guidance from someone trained in CF's use and an installed RC (or otherwise available RC), is an option available that wouldn't be otherwise.

    I will now take this opportunity to again say, ComboFix is a very powerful tool and should only be used under the guidance and recommendation of someone trained in its use!
     
