whturner
2007-05-21, 23:46
Have been chasing a problem for 3 days Could boot if I selected "enable logging" but sometimes not otherwise.
Narrowed it down to the startup routine which contained a program dmzxk.exe or some other dm***.exe.
No such program was in the /system32 directory( or found aanywhere) although it was listed as such by regcleaner.
I found your site by googling dmzxk, and used your fixware program with the following results.
I will now see how things go.
Thanks, and cheers
Warren
Fixwareout Last edited 5/15/2007
Post this report in the forums please
...
»»»»»Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="cslti.exe"
»»»»»
»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "}5EDF20C082B2-A80A-CFC4-D2D2-1BA09944{" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "}6D87BA966185-5208-02C4-925E-EB4D6DFC{" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "kxzmd" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls "1trap" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls "2trap" Deleted
C:\WINNT\System32\csxfo.exe Deleted
C:\WINNT\System32\dmisc.exe Deleted
C:\WINNT\System32\dmosd.exe Deleted
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....
Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.
Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/
»»»»» Other
»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fix-It AV"="C:\\PROGRA~1\\VCOM\\SYSTEM~1\\MemCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"VirusScannerPro"="C:\\PROGRA~1\\VCOM\\SYSTEM~1\\MemCheck.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»
Narrowed it down to the startup routine which contained a program dmzxk.exe or some other dm***.exe.
No such program was in the /system32 directory( or found aanywhere) although it was listed as such by regcleaner.
I found your site by googling dmzxk, and used your fixware program with the following results.
I will now see how things go.
Thanks, and cheers
Warren
Fixwareout Last edited 5/15/2007
Post this report in the forums please
...
»»»»»Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="cslti.exe"
»»»»»
»»»»» Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"=""
....
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "}5EDF20C082B2-A80A-CFC4-D2D2-1BA09944{" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "}6D87BA966185-5208-02C4-925E-EB4D6DFC{" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ruins "kxzmd" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls "1trap" Deleted
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls "2trap" Deleted
C:\WINNT\System32\csxfo.exe Deleted
C:\WINNT\System32\dmisc.exe Deleted
C:\WINNT\System32\dmosd.exe Deleted
....
»»»»» Misc files.
....
»»»»» Checking for older varients.
....
Search five digit cs, dm, kd, jb, other, files.
The following files NEED TO BE SUBMITTED to one of the following URL'S for further inspection.
Click browse, find the file then click submit.
http://www.virustotal.com/flash/index_en.html
Or http://virusscan.jotti.org/
»»»»» Other
»»»»» Current runs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fix-It AV"="C:\\PROGRA~1\\VCOM\\SYSTEM~1\\MemCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"VirusScannerPro"="C:\\PROGRA~1\\VCOM\\SYSTEM~1\\MemCheck.exe"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
....
Hosts file was reset, If you use a custom hosts file please replace it
»»»»» End report »»»»»