1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: computer playing up please help

Discussion in 'Virus & Other Malware Removal' started by mingmong, Jul 17, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    hello all, can any1 pls help me, i,ve got nod 32 and both ad-ware and spybot installed, i keep getting errors, it started off with a dll error when i turned computer off, think it was dw20.dll or something like that but i never noticed anything wrong with my system, now i keep getting a virus alert so ive scanned with nod 32, spybot and ad-ware, they all detected stuff but still not found out the problem, not sure if u can help me out with a hijackthis report but i did 1 anyway, please help :

    Logfile of HijackThis v1.99.1
    Scan saved at 2:06:20 PM, on 7/17/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\dcomcfg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Cerience\RepliGo\RepliGoMon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\atmclk.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Paul\LOCALS~1\Temp\Rar$EX00.500\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: RepliGoIEHelperCtl Class - {91DE4477-9CDC-4806-9BCB-28A963988E94} - C:\Program Files\Cerience\RepliGo\RepliGoIEHelper.dll
    O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\system32\hp100.tmp
    O3 - Toolbar: &RepliGo - {81F4066B-F330-4872-8094-3E9FBCCEC8C1} - C:\Program Files\Cerience\RepliGo\RepliGoIEBar.dll
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RepliGo Assistant] "C:\Program Files\Cerience\RepliGo\RepliGoMon.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ATI Launchpad] C:\Program Files\ATI Multimedia\main\launchpd.exe
    O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - C:\WINDOWS\system32\mzoeut.dll (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    thanks
     
  2. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    im constantly getting the yellow warning sign at bottom of page
     
  3. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

    Please download SmitfraudFix (by S!Ri)
    Extract the content (a folder named SmitfraudFix) to your Desktop.

    Next, please reboot your computer in Safe Mode by doing the following :
    • Restart your computer
    • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    • Instead of Windows loading as normal, a menu with options should appear;
    • Select the first option, to run Windows in Safe Mode, then press "Enter".
    • Choose your usual account.
    Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
    Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

    You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

    The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

    The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.

    A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new hijack log.

    The report can also be found at the root of the system drive, usually at C:\rapport.txt

    Warning: running option #2 on a non infected computer will remove your Desktop background.
     
  4. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    cheers mate, will follow this now n report right back
     
  5. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    ok followed those instructions and here are the logs:

    SmitFraudFix v2.73

    Scan done at 15:27:02.43, Mon 07/17/2006
    Run from C:\Documents and Settings\Paul\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "cholecyst"="{ee2975b6-e8d5-405e-8448-8fe9590f6cfb}"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\system32\mzoeut.dll -> Missing File


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\WINDOWS\system32\atmclk.exe Deleted
    C:\WINDOWS\system32\dcomcfg.exe Deleted
    C:\WINDOWS\system32\hp???.tmp Deleted
    C:\WINDOWS\system32\ld???.tmp Deleted
    C:\WINDOWS\system32\ot.ico Deleted
    C:\WINDOWS\system32\regperf.exe Deleted
    C:\WINDOWS\system32\simpole.tlb Deleted
    C:\WINDOWS\system32\stdole3.tlb Deleted
    C:\WINDOWS\system32\1024\ Deleted
    C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
    C:\DOCUME~1\Paul\FAVORI~1\Antivirus Test Online.url Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    and hijack this log:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:32:02 PM, on 7/17/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Cerience\RepliGo\RepliGoMon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\DOCUME~1\Paul\LOCALS~1\Temp\Rar$EX00.421\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: RepliGoIEHelperCtl Class - {91DE4477-9CDC-4806-9BCB-28A963988E94} - C:\Program Files\Cerience\RepliGo\RepliGoIEHelper.dll
    O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\system32\hp100.tmp (file missing)
    O3 - Toolbar: &RepliGo - {81F4066B-F330-4872-8094-3E9FBCCEC8C1} - C:\Program Files\Cerience\RepliGo\RepliGoIEBar.dll
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RepliGo Assistant] "C:\Program Files\Cerience\RepliGo\RepliGoMon.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ATI Launchpad] C:\Program Files\ATI Multimedia\main\launchpd.exe
    O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4805/mcfscan.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    thanks
     
  6. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Run hijack scan only, mark this entry close ie, click fix checked

    O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\system32\hp100.tmp (file missing)

    How are things?
     
  7. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    i,ve also just noticed that when i go to control panel ther are stuff missing from there not sure what they are tho, there is just blank spaces
     
  8. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    well ever since i did what u said in 1st step there has been no sign of any virus, did u give me instructions of fixing this cos i thought u only gave me instructions on making a different log for u lol anyway i did what u just told me to do and it removed the O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\system32\hp100.tmp (file missing) thanks

    but still have 5 icons missing from control panel do u know what the problem could be please? thanks for your help (y)
     
  9. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
    · Install ewido.
    · Run the application
    · Click on scanner
    · Click Complete System Scan and the scan will begin.
    · When the scan is finished, Set all items to delete
    · Apply all actions
    · look at the bottom of the screen and click the Save report button.
    · Save the report to your C: Drive
    This will take some time to run!
    RE-Boot
    Post that log and a new HiJack log
     
  10. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    right i will do that now mate, just noticed that whatever has happened it has deleted stuff off my pc, i,ve just had to reinstall .NET framework version 1.1 and 2.0 not sure if its removed anything else
     
  11. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    just done the scan, here are the logs:

    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 4:46:26 PM 7/17/2006

    + Scan result:



    C:\Documents and Settings\Paul\My Documents\Downloads\Programs\Setup.exe -> Adware.180Solutions : Cleaned.
    C:\Program Files\ESET\infected\PNCNIGDA.NQF -> Adware.SaveNow : Cleaned.
    C:\Documents and Settings\Paul\Application Data\IDM\DwnlData\Paul\1139062656_1775\1139062656/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\Application Data\IDM\DwnlData\Paul\1139086837_1774\1139086837/Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked -BiNPDA/BiN-1980/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\ISO-8859-1''BiN-1979.zip/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\ISO-8859-1''Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked%20-BiNPDA.zip/Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked -BiNPDA/BiN-1980/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\MWC_with_loader.zip/Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked -BiNPDA/BiN-1980/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\MWC_with_loader_2.zip/Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked -BiNPDA/BiN-1980/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\Mobiola_Cracked_Files.zip/Mobiola Cracked Files/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    C:\Documents and Settings\Paul\My Documents\Downloads\Compressed\rebuilt.MWC_with_loader.zip/Warelex.Mobiola.WebCam.v1.04.S60.SymbianOS.Cracked -BiNPDA/BiN-1980/Loader.exe -> Not-A-Virus.VirTool.Win32.Patcher.a : Cleaned.
    :mozilla.165:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.166:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.138:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.68:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.217:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.103:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.107:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.43:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.88:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.89:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.133:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.137:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.167:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.168:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.169:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.170:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.171:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.172:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.173:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.174:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.175:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.176:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.108:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.191:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
    :mozilla.100:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.101:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.102:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.109:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.110:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.99:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.128:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.129:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
    :mozilla.130:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
    :mozilla.207:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
    :mozilla.6:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.7:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.8:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.9:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.153:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.154:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.155:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.156:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.121:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.122:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.123:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.162:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.36:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.37:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.209:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.221:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.222:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.223:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.224:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.225:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.226:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.211:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.212:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.213:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.214:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.215:C:\Documents and Settings\Paul\Application Data\Mozilla\Firefox\Profiles\vqhc0bss.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


    ::Report end


    and:

    Logfile of HijackThis v1.99.1
    Scan saved at 4:52:50 PM, on 7/17/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\oodag.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Cerience\RepliGo\RepliGoMon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\DOCUME~1\Paul\LOCALS~1\Temp\Rar$EX01.812\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: RepliGoIEHelperCtl Class - {91DE4477-9CDC-4806-9BCB-28A963988E94} - C:\Program Files\Cerience\RepliGo\RepliGoIEHelper.dll
    O3 - Toolbar: &RepliGo - {81F4066B-F330-4872-8094-3E9FBCCEC8C1} - C:\Program Files\Cerience\RepliGo\RepliGoIEBar.dll
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 5\Ulead DVD MovieFactory 5\Quick-Drop.exe" WINDOWCALL
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RepliGo Assistant] "C:\Program Files\Cerience\RepliGo\RepliGoMon.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
    O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [ATI Launchpad] C:\Program Files\ATI Multimedia\main\launchpd.exe
    O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4805/mcfscan.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    thanks
     
  12. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
  13. mingmong

    mingmong Thread Starter

    Joined:
    Jun 5, 2006
    Messages:
    85
    thank u for ya help mate, u must have an IQ of 1 million or something lol thanks again, i still dont know why icons have gone missing off control panel tho but the virus problem is solved as far as i can see (y) :)
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/483901

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice