
clean autoruns & hijackthis

hello... i've had the same problem as the others regarding the VBS:small.

have used the clean autoruns and then the hijackthis afterwards as suggested. however, when i scanned using hijackthis, i did not find the line F2 - REG:system.ini: UserInit=userinit.exe,autorun.bat, does this mean that everything has been cleaned?

i just want to clarify.

thanks.:)

Comments

  • edited May 2007
    Hi ai_leentek
    Please do the following...

    download Deckard's System Scanner to your Desktop

    * Close all applications and windows.
    * Double-click on Dss.exe to run it, and follow the prompts.
    * The scan may take a minute. When the scan is complete, a text file will open Main.txt and extra.txt

    Please, post these logs:
    Dss.Main.txt
    Dss.Extra.txt
  • edited May 2007
    hello again,

    i did a deckard's system scan. here now are the logs.

    thanks.


    peku006 wrote:
    Hi ai_leentek
    Please do the following...

    download Deckard's System Scanner to your Desktop

    * Close all applications and windows.
    * Double-click on Dss.exe to run it, and follow the prompts.
    * The scan may take a minute. When the scan is complete, a text file will open Main.txt and extra.txt

    Please, post these logs:
    Dss.Main.txt
    Dss.Extra.txt
  • edited May 2007
    :)Hi ai_leentek
    Good Work!
    Please do the following:

    You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

    step#1
    Open HijackThis
    - Click the Do a system scan only button
    - Check the following entries (below)
    F2 - REG:system.ini: UserInit=userinit.exe,autorun.bat
    Close ALL open windows
    Click Fix Checked
    Close HijackThis

    step#2
    Please back up your registry before fixing it:
    Start
    Run
    Type the following to the box and hit Ok: regedit
    A window opens, click on File
    Choose Export from the menu
    Change the save location to C:\
    Give the filename, RegBackUp
    Make sure that the filetype is set to Registryfiles (*.reg)
    Click on Save and Close the window
    Please run Notepad and paste the following text into a new file
    Windows Registry Editor Version 5.00

    ; Delete the MountPoints2 entries for these two volume GUIDs
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b98a04e-4205-11db-81e7-0016ecb5b62f}]

    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832afaf1-d051-11db-a88e-0016ecb5b62f}]

    
    Double-click the FixDCX.reg. When it asks if you would like to add the information into the Registry, click on the Yes button and then on the OK button at the next prompt.

    step#3
    Please download
    ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.
    This program is for XP and Windows 2000 only!
    Double-click ATF Cleaner.exe to open it.
    Under Main select the following:
    * Windows Temp
    * Current User Temp
    * All Users Temp
    * Temporary Internet Files
    * Prefetch
    * Java Cache
    *The other boxes are optional*
    Then click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.

    step#4
    Please download AVG Anti-Spyware to your desktop. When ready, do the following:
    • Start AVG Anti-Spyware
    • Click the Update icon
    • Click Start update
    • Wait until updates are downloaded
    • Click the Scanner icon
    • Open the Settings tab
      • If you are having problems with the updater, you can use this link to manually update
      • Make sure that under "How to act?" it reads Quarantine
      • (If not, click the text and choose Quarantine)
      • Under "How to scan?" all checkboxes should be ticked
      • Under "Reports" select Automatically generate report after every scan
        and uncheck Only if threats were found
      • Under "What to scan?" select Scan every file

    • Click the Shield icon
    • Under the "Resident shield is" click active to make it inactive
    • Close AVG Anti-Spyware
    Reboot to safe mode
    • If the computer is running, shut down Windows, and then turn off the power
    • Wait 30 seconds, and then turn the computer on
    • Start tapping the F8 key
    • The Windows Advanced Options Menu appears
    • Ensure that the Safe Mode option is selected
    • Press Enter. The computer then begins to start in Safe mode
    • Login on your usual account
    Open My Computer.
    Click Tools menu then click Folder Options.
    Click the View tab.
    Scroll to the "Hidden files and folders" section and click "Show hidden files and folders".
    Uncheck the "Hide protected operating system files (recommended)" option. (SEE NOTE ABOVE ON THIS OPTION!) Click Yes to confirm. Then click OK.
    • Close all open windows / programs / folders
    • Start AVG Anti-Spyware
    • Click the Scanner icon
    • Click Complete System Scan
    • Let the program scan the machine
    • When the scan has finished, follow the instructions below
      • Make sure that under "Set all elements to" it reads Quarantine
      • (If not, click the text and choose Quarantine)
      • Click Apply all actions
      • Click Save Report
      • Click Save reports as
      • Save report to your Desktop
    step#5
    Open HijackThis
    - Click the Do a system scan and save a log file button

    step#6
    Post these Logfiles in your next reply:
    a hjt-log
    AVG Anti-Spyware report
  • edited June 2007
    i have started to do as you suggested but i was a bit puzzled in step #2. i have just backed up my registry file but after that i couldn't find the FixDCX.reg to double-click and could not continue. the instructions were not complete. please help.

    thanks.
  • edited June 2007
    Hi ai_leentek
    my bad ... I'm sorry

    Please back up your registry before fixing it:
    Start
    Run
    Type the following to the box and hit Ok: regedit
    A window opens, click on File
    Choose Export from the menu
    Change the save location to C:\
    Give the filename, RegBackUp
    Make sure that the filetype is set to Registryfiles (*.reg)
    Click on Save and Close the window

    Please run Notepad and paste the following text into a new file:
    Windows Registry Editor Version 5.00

    ; Delete the MountPoints2 entries for these two volume GUIDs
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4b98a04e-4205-11db-81e7-0016ecb5b62f}]

    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{832afaf1-d051-11db-a88e-0016ecb5b62f}]
    
    Save the file to the desktop as fix.reg and make sure the "Save as Type" field says "All Files".
    Then please go to the desktop and double-click on fix.reg, and click Yes to merge it with the registry
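
The F2 check from step#1 can be run over a saved HijackThis log, as an added example that is not part of the original posts: it flags any UserInit line that starts something besides userinit.exe. The log lines are constructed samples, and treating a bare name or a \system32 path as the genuine binary is an assumption.

```python
import ntpath
import re

# HijackThis F2 line in the form quoted in the thread:
#   F2 - REG:system.ini: UserInit=userinit.exe,autorun.bat
F2_USERINIT = re.compile(r"^\s*F2 - REG:system\.ini: UserInit=(.*)$", re.IGNORECASE)


def extra_userinit_entries(value):
    """Return the programs in a UserInit value other than the genuine userinit.exe."""
    extras = []
    for item in value.split(","):
        item = item.strip().strip('"')
        if not item:
            continue  # the stock value ends with a trailing comma
        folder, name = ntpath.split(item.lower())
        # Assumption: a bare name, or a path ending in \system32, is the real binary.
        genuine = name == "userinit.exe" and (folder == "" or folder.endswith("\\system32"))
        if not genuine:
            extras.append(item)
    return extras


def scan_hjt_log(text):
    """Return (line_number, extras) for each F2 UserInit line that launches more than userinit.exe."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = F2_USERINIT.match(line)
        if match:
            extras = extra_userinit_entries(match.group(1))
            if extras:
                findings.append((number, extras))
    return findings


# Constructed sample log lines (not taken from the poster's machine).
SAMPLE_LOG = """\
Logfile of HijackThis (constructed sample)
F2 - REG:system.ini: UserInit=userinit.exe,autorun.bat
O4 - HKLM\\..\\Run: [ExampleApp] C:\\Program Files\\Example\\app.exe
"""

CLEAN_LOG = "F2 - REG:system.ini: UserInit=C:\\WINDOWS\\system32\\userinit.exe,\n"

if __name__ == "__main__":
    for number, extras in scan_hjt_log(SAMPLE_LOG):
        print(f"line {number}: UserInit also starts {', '.join(extras)}")
```

An empty result covers only the UserInit value; the MountPoints2 keys removed in step#2 are a separate location that this check does not inspect.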