Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Missing Control Panel


  • Please log in to reply

#1
Davie P

Davie P

    New Member

  • Member
  • Pip
  • 4 posts
Please can any one out there help!
I am not sure i am even in the right topic or not, but here goes.
My control panel has completely disappeared. Also, if i try to go in to 'View System Information' or 'Add/Remove Programs' a window appears saying "This operation has been canceled due to restrictions in effect on this computer. Please contact your system administrator."
I am on Windows XP.
Do I have some kind of virus?
Any kind of help or advice would be greatly appreciated. Also, I am a bit of a computer novice so please be gentle!
Many thanks
  • 0

Advertisements


#2
1101doc

1101doc

    Trusted Tech

  • Retired Staff
  • 909 posts
Yes, unfortunately, malware is very likely. We've been seeing alot of "Missing Control Panel" problems lately. It seems that some new 'baddie' is disabling the control panel to try to keep you from removing it.

Please follow all the instructions here: http://www.geekstogo...-Log-t2852.html

Then post a HiJackThis log here: http://www.geekstogo...o-Here-f37.html

You will be assisted by a trained malware removal specialist. If problems remain after your helper has given you a clean bill of health, post back here, and we'll get things fully sorted.

Good luck, and happy hunting.
  • 0

#3
Davie P

Davie P

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
ComboFix 07-10-06.5 - David 2003-10-06 20:06:11.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.94 [GMT 1:00]
Running from: C:\Documents and Settings\David\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Dave Piggott\Application Data\Microsoft\2236.dat
C:\Documents and Settings\Dave Piggott\Start Menu\Programs\Startup\system.exe
C:\Documents and Settings\David\Application Data\macromedia\Flash Player\#SharedObjects\KMFSRYL2\www.broadcaster.com
C:\Documents and Settings\David\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\David\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\David\Application Data\Microsoft\2236.dat
C:\m.exe
C:\MTE3NDI6ODoxNg.exe
C:\p.exe
C:\Program Files\perfect codec
C:\q.exe
C:\WINDOWS\gimmygames1.dat
C:\WINDOWS\system32\{98C9309B-7FF1-4803-AEE7-020471C1B246}.exe
C:\WINDOWS\system32\paytime.exe
C:\WINDOWS\system32\ppatch~1
C:\WINDOWS\system32\printer.exe
C:\WINDOWS\system32\WinAvXX.exe
C:\WINDOWS\system32\wnsxs~1
C:\WINDOWS\tool.exe
C:\WINDOWS\winsysupd51.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_MSUPDATE


((((((((((((((((((((((((( Files Created from 2007-09-06 to 2007-10-06 )))))))))))))))))))))))))))))))
.

2007-09-30 13:45 1,592,320 --a------ C:\WINDOWS\system32\SoUI.dll
2007-09-30 00:36 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier
2007-09-30 00:35 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-09-30 00:35 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-09-30 00:34 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-09-30 00:32 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-09-29 23:41 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-09-29 23:41 <DIR> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2007-09-29 19:46 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-09-29 19:43 <DIR> d-------- C:\Documents and Settings\David\.housecall6.6
2007-09-29 16:12 107,776 --a------ C:\WINDOWS\system32\drivers\ac97ich4.sys
2007-09-29 16:08 86,074 --a--c--- C:\WINDOWS\system32\dllcache\voicesub.dll
2007-09-29 16:08 48,256 --a--c--- C:\WINDOWS\system32\dllcache\w32.dll
2007-09-29 16:08 426,042 --a--c--- C:\WINDOWS\system32\dllcache\voicepad.dll
2007-09-29 16:08 41,600 --a--c--- C:\WINDOWS\system32\dllcache\weitekp9.dll
2007-09-29 16:08 31,232 --a--c--- C:\WINDOWS\system32\dllcache\weitekp9.sys
2007-09-29 15:58 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-09-29 15:55 73,728 --a--c--- C:\WINDOWS\system32\dllcache\icwtutor.exe
2007-09-29 15:55 61,440 --a--c--- C:\WINDOWS\system32\dllcache\icwres.dll
2007-09-29 15:55 57,344 --a--c--- C:\WINDOWS\system32\dllcache\icwconn.dll
2007-09-29 15:55 45,056 --a--c--- C:\WINDOWS\system32\dllcache\icwutil.dll
2007-09-29 15:55 40,960 --a--c--- C:\WINDOWS\system32\dllcache\trialoc.dll
2007-09-29 15:55 24,576 --a--c--- C:\WINDOWS\system32\dllcache\icwrmind.exe
2007-09-29 15:55 24,576 --a--c--- C:\WINDOWS\system32\dllcache\icwdl.dll
2007-09-29 15:55 155,648 --a--c--- C:\WINDOWS\system32\dllcache\icwhelp.dll
2007-09-29 15:53 189,440 --a--c--- C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-09-29 15:53 189,440 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-09-29 15:53 139,776 --a--c--- C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-09-29 15:53 139,776 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-09-29 15:51 99,328 --a------ C:\WINDOWS\system32\irftp.exe
2007-09-29 15:51 78,336 --a------ C:\WINDOWS\system32\irmon.dll
2007-09-29 15:51 7,680 --a------ C:\WINDOWS\system32\wshirda.dll
2007-09-29 15:51 55,296 --a------ C:\WINDOWS\system32\drivers\irda.sys
2007-09-29 15:36 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2007-09-29 15:31 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2007-09-29 15:31 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-09-29 15:31 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2007-09-29 15:31 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-09-29 15:03 53,600 --a------ C:\WINDOWS\system32\drivers\alcan5wn.sys
2007-09-29 15:03 127,065 --a------ C:\WINDOWS\system32\drivers\adiusbaw.sys
2007-09-26 23:46 541,696 --a------ C:\WINDOWS\system32\GE.dll
2007-09-25 00:09 12,875 --a------ C:\WINDOWS\system32\mssrv32.exe
2007-09-23 13:09 89,088 --a------ C:\WINDOWS\system32\rtnka.dll
2007-09-18 22:34 1,592,320 --a------ C:\WINDOWS\system32\rtnka.dat
2007-09-14 00:34 <DIR> d-------- C:\Program Files\SoftPortal
2007-09-13 23:53 76,800 --a------ C:\WINDOWS\system32\unrar.dll
2007-09-13 23:52 6,264 --a------ C:\Documents and Settings\David\ie_update3r.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-06 20:16 --------- d-------- C:\Program Files\ThreatFire
2007-09-29 16:23 --------- d-------- C:\Documents and Settings\David\Application Data\MSN6
2007-09-27 23:30 --------- d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2007-09-20 14:26 52032 --a------ C:\WINDOWS\system32\drivers\TfFsMon.sys
2007-09-20 14:26 34624 --a------ C:\WINDOWS\system32\drivers\TfNetMon.sys
2007-09-20 14:26 12608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2007-09-19 22:56 --------- d-------- C:\Program Files\Real
2007-09-19 22:56 --------- d-------- C:\Program Files\MSN Messenger
2007-09-18 20:58 --------- d-------- C:\Program Files\Symantec
2007-09-18 20:57 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-09-18 20:57 60800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-09-18 20:57 123952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-09-18 20:57 10676 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2006-01-28 15:58 12754672 --a------ C:\Program Files\MP10Setup.exe
2004-09-07 23:57 0 -rahsc--- C:\Program Files\q330994.exe
2004-05-28 02:23 2150574 --a------ C:\Program Files\aaw6181.exe
2004-05-28 02:12 806974 --a--c--- C:\Program Files\u6156fa8.bin
2004-05-28 02:05 115217 --a--c--- C:\Program Files\u6156iu0.bin
2004-05-27 00:25 963572 --a------ C:\Program Files\RegSeeker.zip
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"AGRSMMSG"="AGRSMMSG.exe" [2003-01-24 11:45 C:\WINDOWS\AGRSMMSG.exe]
"ATIModeChange"="Ati2mdxx.exe" [2002-08-28 11:17 C:\WINDOWS\system32\Ati2mdxx.exe]
"adiras"="adiras.exe" []
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-03-30 22:00]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-09-06 02:22]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-10-13 18:04]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 18:01]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 06:00]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2003-10-06 20:04]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2003-10-03 23:30]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"STManager"="C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" [2003-10-16 13:25]
"Egdnmnj"="C:\WINDOWS\System32\n?lookup.exe" [2003-03-31 13:00]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-03-31 13:00]
"Crea"="C:\Program Files\csuu\sstp.exe" []
"RealPlayer"="C:\Program Files\Real\RealPlayer\realplay.exe" [2003-10-03 23:30]
"KillAndClean"="C:\Program Files\KillAndClean\KillAndClean.exe" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2003-10-03 21:34]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Microsoft Configure 32"=msgconfigre.exe
"Microsft Computer Data Conf"=mscdconf.exe
"ms ownage"=winPE.exe
"AdobeReaderPro"=svxhost.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=%systemroot%\system32\tscupgrd.exe

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2005-11-03 21:57:25]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2003-10-03 21:34:19]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-10-27 07:10:54]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispBackgroundPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="csapn.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sysfldr]
sysfldr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NetDDEsrv]
@="Service"

R0 TfFsMon;TfFsMon;C:\WINDOWS\System32\drivers\TfFsMon.sys
R0 TfSysMon;TfSysMon;C:\WINDOWS\System32\drivers\TfSysMon.sys
R1 cdudf_xp;cdudf_xp;C:\WINDOWS\System32\drivers\cdudf_xp.sys
R1 pwd_2k;pwd_2k;C:\WINDOWS\System32\drivers\pwd_2k.sys
R1 UdfReadr_xp;UdfReadr_xp;C:\WINDOWS\System32\drivers\UdfReadr_xp.sys
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamS32.exe"
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service
R3 mmc_2K;mmc_2K;C:\WINDOWS\System32\drivers\mmc_2K.sys
R3 msloop;Microsoft Loopback Adapter Driver;C:\WINDOWS\System32\DRIVERS\loop.sys
R3 TfNetMon;TfNetMon;\??\C:\WINDOWS\System32\drivers\TfNetMon.sys
R3 WBFIRDMA;Winbond Infrared Device Driver;C:\WINDOWS\System32\DRIVERS\wbfirdma.sys
S3 dvd_2K;dvd_2K;C:\WINDOWS\System32\drivers\dvd_2K.sys
S3 VX3000;VX-3000;C:\WINDOWS\System32\DRIVERS\VX3000.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-03-27 22:26:52 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-10-02 21:53:06 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
"2007-05-04 19:51:40 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - David.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
.
**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-10-06 20:59:35 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-06 20:24
.
--- E O F ---
  • 0

#4
1101doc

1101doc

    Trusted Tech

  • Retired Staff
  • 909 posts
This will not accomplish anything, really. Please post a HJT log in the proper forum:
http://www.geekstogo...o-Here-f37.html

Edited by 1101doc, 06 October 2007 - 03:04 PM.

  • 0

#5
Madacake

Madacake

    Member

  • Member
  • PipPip
  • 15 posts
I had this problem recently, here's the way to fix it.

First of all, download Smitfraudfix and ComboFix. Do NOT click ComboFix while it's running, it can stall the program!

Here's what you must do.
1. Start your cumputer in SAFE-MODE.
2. Login to YOUR account and open Smitfraudfix.
3. When it asks what to do, select CLEAN, when asked "Do you want to clean the registry?", choose YES.
4. Let the process continue until its done, then open ComboFix.
5. Follow what it says and let the process continue.
6. When it's done, reboot your computer.
7. When you have logged in, open your Anti-Spyware program. (If you do not have one, download one. I recommend SUPERAntiSpyware).
8. Let it scan, and if it finds virus, remove them.
9. Reboot again.

Now I hope you are virus-free!

TIP; Copy this post into a readme file if you need help in Safe-mode.
  • 0

#6
Davie P

Davie P

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hey Presto, I have my control panel back just from following the 'How to remove Outerinfo'. Here is my latest HijackThis report. Do I still need to do anything else? How do I know the bug that caused this is completely gone? and how do I keep it away? Thank you for all your help so far.


Logfile of HijackThis v1.99.1
Scan saved at 23:26, on 2003-10-06
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Microsoft Configure 32] msgconfigre.exe
O4 - HKLM\..\RunServices: [Microsft Computer Data Conf] mscdconf.exe
O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
O4 - HKLM\..\RunServices: [AdobeReaderPro] svxhost.exe
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [Egdnmnj] C:\WINDOWS\System32\n?lookup.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Crea] "C:\Program Files\csuu\sstp.exe" -vt mt
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [KillAndClean] "C:\Program Files\KillAndClean\KillAndClean.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...anner371420.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{49B024DF-64B3-4253-823C-B1E6D1B5D20C}: NameServer = 85.255.116.21 85.255.112.230
O17 - HKLM\System\CS1\Services\Tcpip\..\{49B024DF-64B3-4253-823C-B1E6D1B5D20C}: NameServer = 85.255.116.21 85.255.112.230
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: sysfldr - sysfldr.dll (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
  • 0

#7
1101doc

1101doc

    Trusted Tech

  • Retired Staff
  • 909 posts
Please do not post HJT logs in this section of the forum! They go here:
http://www.geekstogo...o-Here-f37.html
  • 0

#8
Davie P

Davie P

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Sorry folks, I am new here! How do i move this to the correct forum?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP