Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

NT Authority\ System shutdown loop and no internet connection [CL


  • This topic is locked This topic is locked

#16
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Are you having troubles with running DSS?

Then Move DSS to your Desktop and run it in Normal mode - post back with the logs please.


I'll wait for the logs, otherwise just post back and we will find another way :)
  • 0

Advertisements


#17
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Yesterday I removed the CA Virus Protection but it would not allow be to remove the anti-spyware or parental controls.

Deckard's System Scanner v20071014.68
Run by on 2008-07-25 15:17:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as .exe) ----------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:17:28 PM, on 7/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svcprs32.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\WINDOWS\cfgmng32.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust PestPatrol\CAPPActiveProtection.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\svchost.exe
E:\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\EXE~1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.localnet....dv_search.phtml
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.frontiernet.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.localnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by LocalNet
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [dvHighMem] C:\WINDOWS\cfgmng32.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-21-3118213015-4065704274-1862038120-1007\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup (User '?')
O4 - HKUS\S-1-5-21-3118213015-4065704274-1862038120-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-3118213015-4065704274-1862038120-1007\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (User '?')
O4 - Global Startup: WinCinema Manager.lnk = C:\Program Files\Sandisk\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.localnet.com/
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1148844141281
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {A9DD5FE2-5567-4983-971F-C792375025A6} (PhoenixBody Class) - http://software.musi...34/MusicNow.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust PestPatrol\PPCtlPriv.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WinSock Svchost Manager (WinSvchostManager) - Unknown owner - C:\WINDOWS\system32\svcprs32.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 10610 bytes

-- Files created between 2008-06-25 and 2008-07-25 -----------------------------

2008-07-25 12:59:07 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-25 12:59:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-25 12:00:39 0 d-------- C:\WINDOWS\rnapxs
2008-07-25 10:24:25 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-07-01 09:51:44 0 d-------- C:\Program Files\Maxtor
2008-07-01 09:51:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Maxtor
2008-07-01 09:49:32 0 d-------- C:\Program Files\MSXML 6.0
2008-06-27 13:06:35 0 d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-06-27 13:06:21 0 d-------- C:\Program Files\Dell Support Center


-- Find3M Report ---------------------------------------------------------------

2008-07-25 15:15:59 5852 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-07-25 15:15:59 56 -r-hs---- C:\WINDOWS\system32\4C72B54280.sys
2008-07-01 09:52:26 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-27 13:06:21 0 d-------- C:\Program Files\Common Files\SupportSoft
2008-06-10 21:45:11 0 d-------- C:\Program Files\Common Files\Scanner
2008-06-10 21:45:11 0 d-------- C:\Program Files\CA
2008-06-10 21:44:34 1433699 --a------ C:\WINDOWS\system32\winsflt.dll
2008-06-10 21:44:34 2105344 --a------ C:\WINDOWS\system32\win32cpr.dll
2008-06-10 20:48:28 0 d-------- C:\Documents and Settings\Owlette\Application Data\Adobe
2008-05-10 18:06:53 93753808 --a------ C:\registybackup.reg
2008-05-09 20:11:39 88 -r-hs---- C:\WINDOWS\system32\8042B5724C.sys
2008-05-07 00:55:40 1288192 --a------ C:\WINDOWS\system32\quartz.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [09/29/2005 02:01 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [10/14/2005 08:49 PM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [10/14/2005 08:46 PM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [10/14/2005 08:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [10/05/2005 03:12 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [12/13/2004 03:30 PM]
"Norton Ghost 10.0"="C:\Program Files\Norton Ghost\Agent\GhostTray.exe" [12/07/2005 04:05 PM]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [06/10/2005 10:44 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [06/10/2005 10:44 AM]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [09/08/2005 05:20 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [06/02/2006 05:02 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/23/2006 04:45 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/17/2006 05:30 PM]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [08/12/2005 04:16 PM]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [02/19/2006 02:41 AM]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [02/09/2006 06:34 PM]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [11/08/2007 06:58 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [12/22/2006 08:29 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [08/16/2007 10:19 PM]
"dvHighMem"="C:\WINDOWS\cfgmng32.exe" [11/19/2007 02:13 PM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [09/06/2007 02:53 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 05:00 AM]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [11/15/2007 09:23 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme




-- End of Deckard's System Scanner: finished at 2008-07-25 15:17:58 ------------
  • 0

#18
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
For some reason it didn't bring up a extra.txt this time.
  • 0

#19
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
No worries, extra.txt only shows up in the first run.

Let's see if we can find something.

First off I would like you to fix these items through Hijack This if you could:

O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: WinSock Svchost Manager (WinSvchostManager) - Unknown owner - C:\WINDOWS\system32\svcprs32.exe



Download GMER from here:
http://www.gmer.net/files.php

See if you can click on Extract to, then extract it to your Desktop as it can't be run from the USB drive.

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.
  • 0

#20
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I was halfway through a scan when the computer restarted before I could catch it. The NT Authority now says something about Isass.exe. Now I am running the scan again but it will only let me check "Services, Registry, Files and ADS" when during my first scan it allowed me to check them all. At this second scan when I click to open it says "Warning Loaded GMER's driver version is incompatible with the current running GMER application. You need to stop the driver with the command "net stop gmer" or restart your computer"

I turned off the computer and turned it back on and it still won't let me check all the boxes like it did the first time. When I started scanning the first time it brough up a lot of info quickly. Most having to do with "CA"

Here is the results of the scan with just the Services, Registry, Files and ADS checked:

Attached Files

  • Attached File  1.txt   281.35KB   230 downloads

  • 0

#21
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Attached File  1.5.txt   254.05KB   277 downloads
  • 0

#22
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Attached File  2.txt   429.73KB   320 downloads

New Problem: When I try to shut down the computer using the start menu I get a box that says "You do not have permission to shut down or restart this computer"

Edited by xcrunner423, 25 July 2008 - 06:00 PM.

  • 0

#23
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Can you try deleting it from your desktop and go through the whole process of extracting it to your desktop etc again?
Did you download something before this started or how did these problems come about?
  • 0

#24
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
I didn't download anything new. The computer just restarted (I didn't catch it in time to type shutdown -a) and when It came back on it was like that. I tried to delete it and extract it again but it said the same thing.
  • 0

#25
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hi there,

Lets try another tool...

To open the rar file you will need a program like winrar. http://www.win-rar.com/download.html

Please download RootRepeal to your desktop
  • Unzip it to it's own folder, close all other programs especially your security programs (anti-spyware, anti-virus, and firewall) and run RootRepeal.exe
  • Click the Report tab at the bottom and then the Scan button.
  • A box will pop up, check the boxes beside Drivers, Files, Processes and click OK.
  • Another box will open, check the boxes beside all the drives, eg : C:\, then click OK.
  • The scan will take a little while to run, so let it go unhindered.
  • Once it is done, click the Save Report button, call it RepealScan and save the log to your desktop. Post that log here in your reply

  • 0

Advertisements


#26
xcrunner423

xcrunner423

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Now it seems to think that I'm not the administrator of the computer and it's giving me trouble trying to run the scan. Sometimes it lets me open it and then it restarts.

I'll keep trying.
  • 0

#27
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
OK tell me how it goes.
  • 0

#28
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Do you still need help?
  • 0

#29
Mike

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP