Hello and welcome to Techspot.
Boot into safe mode. See how HERE.
http://www.bleepingcomputer.com/forums/tutorial61.html
Turn off system restore.(XP/ME only) See how HERE.
http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
http://www.bleepingcomputer.com/forums/tutorial62.html
Click start/run and type regsvr32 /u C:\WINDOWS\system32\csrss.dll into the run box and press the enter key. Note the space between the 2 and the forward slash and again between the u and c.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
F2 - REG:system.ini: UserInit=userinit.exe
Fix all 01-Hosts entries.
O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [GPIO] C:\Program Files\USB-HDD\GPIOManager\GPIOManager.exe
O4 - HKCU\..\Run: [Tok-Cirrhatus-1266] "C:\Documents and Settings\user\Local Settings\Application Data\br3555on.exe"
O4 - Global Startup: Startup.exe
Fix all 012-Plugin for entries.
Fix all 016-DPF entries.
O20 - AppInit_DLLs: C:\WINDOWS\system32\csrss.dll
O20 - Winlogon Notify: winqlr32 - winqlr32.dll (file missing)
Click on the fix checked button.
Close HJT.
Locate and delete the following
bold files(if there).
C:\WINDOWS\system32\
csrss.dll
C:\WINDOWS\system32\
hp100.tmp
Reboot into normal mode and turn system restore back on.
Post a fresh HJT log.
Regards Howard :wave: :wave:
Nintendo DMCA lawyers shut down everything Mario on Garry's Mod
