Windows XP Control Panel Missing

J

jaymeewv

Joined
Dec 29, 2007
Messages
4
Reaction score
0
I have a Dell Inspiron with a missing control panel and every time it connects through the internet I get blue screened. So, I have to leave the cable unconnected. It also tells me that I am restricted from making any changes and contract admin. I have removed several virus and spyware. I did use highjackthis to get a log here it is....

Thanks!!


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
E:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: (no name) - {5A5CACF4-0144-4FF8-955C-938C943601BF} - C:\WINDOWS\system32\pmnno.dll (file missing)
O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr221.dll (file missing)
O2 - BHO: (no name) - {ED203331-9C33-49D8-8714-D24A366A04EC} - C:\WINDOWS\system32\vtuvwts.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.275.0\HostIE.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [autoload] C:\WINDOWS\system32\drivers\smss.exe
O4 - HKCU\..\Run: [autorun] C:\Documents and Settings\Darth\smss.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\system32\spoolvs.exe
O4 - HKCU\..\Run: [AdwareAlert] C:\Program Files\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
O20 - Winlogon Notify: directpt - directpt.dll (file missing)
O20 - Winlogon Notify: vtuvwts - vtuvwts.dll (file missing)
O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - C:\WINDOWS\system32\qzviz.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Routing and Remote Access RemoteAccessSwPrv (RemoteAccessSwPrv) - Unknown owner - C:\WINDOWS\system32\amstreamf.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)
O24 - Desktop Component 1: Desktop Uninstall - C:\WINDOWS\warnhp.html

--
End of file - 8516 bytes
 
A

Anon_F

Joined
Jan 14, 2006
Messages
12,268
Reaction score
283
jaymeewv said:
It also tells me that I am restricted from making any changes and contract admin.
Click to expand...
Are you on a networked pc?
If so you will not have the user rights to solve the problem!
 
A

Anon_F

Joined
Jan 14, 2006
Messages
12,268
Reaction score
283
Has he been on any 'adult' sites and had a pop-up screen that says his pc has a virus & to click on screen box to clear it?
 
J

jaymeewv

Joined
Dec 29, 2007
Messages
4
Reaction score
0
Probably so..... I know I keep getting one pop up now but I am not connected to the internet so I cannot download anything else. Hopefully someone can tell me what to fix in the highjackthis log....
 
G

GameMaster

Joined
Dec 15, 2007
Messages
130
Reaction score
0
Ouuuuch...Today many bad cases. I suggest less porn sites please. I am sorry if I may offend you but this is really dangerous. I am very confident in removing all of this software, but you must know that 2 of these viruses are Trojans.bacdoor spies, and I suggest you siwtch your bank passwords and all essential information that may have been on your computer.
Now let's clean the nasties!
Run HijackThis again, choose Do a system scan only.
Place checks on these lines and Fix them:

  • C:\Program Files\Viewpoint\Common\ViewpointService.exe
  • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=
  • R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
  • F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
  • O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
  • O2 - BHO: (no name) - {5A5CACF4-0144-4FF8-955C-938C943601BF} - C:\WINDOWS\system32\pmnno.dll (file missing)
  • O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr221.dll (file missing)
  • O2 - BHO: (no name) - {ED203331-9C33-49D8-8714-D24A366A04EC} - C:\WINDOWS\system32\vtuvwts.dll (file missing)
  • O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.275.0\HostIE.dll (file missing)
  • O4 - HKLM\..\Run: [smgr] mgrs.exe
  • O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
  • O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
  • O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (file missing)
  • O20 - AppInit_DLLs: C:\WINDOWS\system32\sulimo.dat
  • O20 - Winlogon Notify: directpt - directpt.dll (file missing)
  • O20 - Winlogon Notify: vtuvwts - vtuvwts.dll (file missing)
  • O15 - Trusted Zone: *.amaena.com (HKLM)
Please, check all 015-Trusted Zone entries unless you know what sites that are and unless you or your step-son haven't put it themselves!!

After you have fixed all these entries, time to clean the machine!
I suggest you print out all the next instructions as you will not be able to connect to internet while in Safe Mode.

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).

Now reboot your computer, but please reboot it to safe mode again.
Now delete Viewpoint ( I believe you will be able to access Control Panel ).

Reboot again when done, and post a SDFix log with fresh HijackThis log.
Good luck!
GameMaster
 
J

jaymeewv

Joined
Dec 29, 2007
Messages
4
Reaction score
0
SDFix: Version 1.120

Run by Darth on Sat 12/29/2007 at 05:07 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
ntio256
ntio256

Path:

ntio256 - Deleted
ntio256 - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing SharedAccess Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\DOCUME~1\DARTH\APPLIC~1\DRVCLE~1.EXE - Deleted
C:\39.TMP - Deleted
C:\3A.TMP - Deleted
C:\3B.TMP - Deleted
C:\3C.TMP - Deleted
C:\PROGRA~1\MSNGAM~1\PROKYC~1.HTM - Deleted
C:\PROGRA~1\MSNGAM~1\LABUN - Deleted
C:\WINDOWS\SYSTEM32\DIRIUFPF.TMP - Deleted
C:\DOCUME~1\DARTH\APPLIC~1\DRVCLE~1.EXE - Deleted
C:\DOCUME~1\DARTH\APPLIC~1\DRVCLE~1.EXE - Deleted
C:\39.TMP - Deleted
C:\3A.TMP - Deleted
C:\3B.TMP - Deleted
C:\3C.TMP - Deleted
C:\PROGRA~1\MSNGAM~1\PROKYC~1.HTM - Deleted
C:\PROGRA~1\MSNGAM~1\PROKYC~1.HTM - Deleted
C:\PROGRA~1\MSNGAM~1\LABUN - Deleted
C:\PROGRA~1\MSNGAM~1\LABUN - Deleted
C:\WINDOWS\SYSTEM32\DIRIUFPF.TMP - Deleted
C:\WINDOWS\SYSTEM32\DIRIUFPF.TMP - Deleted
C:\WINDOWS\SYSTEM32\DIRIUFPF.TMP - Deleted
C:\Documents and Settings\Darth\Desktop\Find Spyware Remover.lnk - Deleted
C:\Documents and Settings\Darth\Desktop\Free Online Dating.lnk - Deleted
C:\Documents and Settings\Darth\Desktop\Go to Casino.lnk - Deleted
C:\Temp\1cb\syscheck.log - Deleted
C:\Temp\abW9\tPho.log - Deleted
C:\Program Files\E404 Helper\e404.v1.dll - Deleted
C:\Program Files\E404 Helper\e404.v5.dll - Deleted
C:\Program Files\Common Files\Yazzle1281OinAdmin.exe - Deleted
C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe - Deleted
C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe - Deleted
C:\Documents and Settings\Darth\Application Data\antivirus.exe - Deleted
C:\Documents and Settings\Darth\Application Data\Install.dat - Deleted
C:\DOCUME~1\Darth\LOCALS~1\Temp\$b17a2e8.tmp - Deleted
C:\WINDOWS\Casino.ico - Deleted
C:\WINDOWS\Free Online Dating.ico - Deleted
C:\WINDOWS\hotporn.exe - Deleted
C:\WINDOWS\ie_32.exe - Deleted
C:\WINDOWS\Spyware Remover.ico - Deleted
C:\WINDOWS\system32\2_exception.nls - Deleted
C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\system32\lt.res - Deleted
C:\WINDOWS\system32\pac.txt - Deleted
C:\WINDOWS\system32\sft.res - Deleted
C:\WINDOWS\Temp\$_2341235.TMP - Deleted



Folder C:\Program Files\E404 Helper - Removed
Folder C:\Temp\abW9 - Removed
Folder C:\Temp\1cb - Removed
Folder C:\WINDOWS\system32\a1 - Removed
Folder C:\WINDOWS\system32\g2 - Removed
Folder C:\WINDOWS\system32\rMa01yy - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1333.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-29 17:17:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Daa29]
"Type"=dword:00000001
"Tag"=dword:00000001
"Group"="System Reserved\0Boot Bus Extender\0Security Extender\0System Bus Extender\0SCSI miniport\0Port\0Primary Disk\0SCSI Class\0SCSI CDROM Class\0FSFilter Infrastructure\0FSFilter System\0FSFilter Bottom\0FSFilter Copy Protection\0FSFilter Security Enhancer\0FSFilter Open File\0FSFilter Physical Quota Management\0FSFilter Encryption\0FSFilter Compression\0FSFilter HSM\0FSFilter Cluster File System\0FSFilter System Recovery\0FSFilter Quota Management\0FSFilter Content Screener\0FSFilter Continuous Backup\0FSFilter Replication\0FSFilter Anti-Virus\0FSFilter Undelete\0FSFilter Activity Monitor\0FSFilter Top\0Filter\0Boot File System\0Base\0Pointer Port\0Keyboard Port\0Pointer Class\0Keyboard Class\0Video Init\0Video\0Video Save\0File System\0Event Log\0Streams Drivers\0NDIS Wrapper\0COM Infrastructure\0UIGroup\0LocalValidation\0PlugPlay\0PNP_TDI\0NDIS\0TDI\0wltrysvc\0NetBIOSGroup\0ShellSvcGroup\0SchedulerGroup\0SpoolerGroup\0AudioGroup\0SmartCardGroup\0NetworkProvider\0RemoteValidation\0NetDDEGroup\0Parallel arbitrator\0Extended Base\0PCI Configuration\0MS Transactions\0"
"ErrorControl"=dword:00000001
"Start"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Daa29]
"Type"=dword:00000001
"Tag"=dword:00000001
"Group"="System Reserved\0Boot Bus Extender\0Security Extender\0System Bus Extender\0SCSI miniport\0Port\0Primary Disk\0SCSI Class\0SCSI CDROM Class\0FSFilter Infrastructure\0FSFilter System\0FSFilter Bottom\0FSFilter Copy Protection\0FSFilter Security Enhancer\0FSFilter Open File\0FSFilter Physical Quota Management\0FSFilter Encryption\0FSFilter Compression\0FSFilter HSM\0FSFilter Cluster File System\0FSFilter System Recovery\0FSFilter Quota Management\0FSFilter Content Screener\0FSFilter Continuous Backup\0FSFilter Replication\0FSFilter Anti-Virus\0FSFilter Undelete\0FSFilter Activity Monitor\0FSFilter Top\0Filter\0Boot File System\0Base\0Pointer Port\0Keyboard Port\0Pointer Class\0Keyboard Class\0Video Init\0Video\0Video Save\0File System\0Event Log\0Streams Drivers\0NDIS Wrapper\0COM Infrastructure\0UIGroup\0LocalValidation\0PlugPlay\0PNP_TDI\0NDIS\0TDI\0wltrysvc\0NetBIOSGroup\0ShellSvcGroup\0SchedulerGroup\0SpoolerGroup\0AudioGroup\0SmartCardGroup\0NetworkProvider\0RemoteValidation\0NetDDEGroup\0Parallel arbitrator\0Extended Base\0PCI Configuration\0MS Transactions\0"
"ErrorControl"=dword:00000001
"Start"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Daa29]
"Type"=dword:00000001
"Tag"=dword:00000001
"Group"="System Reserved\0Boot Bus Extender\0Security Extender\0System Bus Extender\0SCSI miniport\0Port\0Primary Disk\0SCSI Class\0SCSI CDROM Class\0FSFilter Infrastructure\0FSFilter System\0FSFilter Bottom\0FSFilter Copy Protection\0FSFilter Security Enhancer\0FSFilter Open File\0FSFilter Physical Quota Management\0FSFilter Encryption\0FSFilter Compression\0FSFilter HSM\0FSFilter Cluster File System\0FSFilter System Recovery\0FSFilter Quota Management\0FSFilter Content Screener\0FSFilter Continuous Backup\0FSFilter Replication\0FSFilter Anti-Virus\0FSFilter Undelete\0FSFilter Activity Monitor\0FSFilter Top\0Filter\0Boot File System\0Base\0Pointer Port\0Keyboard Port\0Pointer Class\0Keyboard Class\0Video Init\0Video\0Video Save\0File System\0Event Log\0Streams Drivers\0NDIS Wrapper\0COM Infrastructure\0UIGroup\0LocalValidation\0PlugPlay\0PNP_TDI\0NDIS\0TDI\0wltrysvc\0NetBIOSGroup\0ShellSvcGroup\0SchedulerGroup\0SpoolerGroup\0AudioGroup\0SmartCardGroup\0NetworkProvider\0RemoteValidation\0NetDDEGroup\0Parallel arbitrator\0Extended Base\0PCI Configuration\0MS Transactions\0"
"ErrorControl"=dword:00000001
"Start"=dword:00000000

scanning hidden registry entries ...

scanning hidden files ...

C:\WINDOWS\system32\drivers\Daa29.sys 178688 bytes executable
C:\WINDOWS\system32\drivers\symavc32.sys 178688 bytes executable

scan completed successfully
hidden processes: 0
hidden services: 1
hidden files: 2


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"\\??\\C:\\WINDOWS\\system32\\winlogon.exe"="\\??\\C:\\WINDOWS\\system32\\winlogon.exe:*:Enabled:explorer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\xloader10181.exe"="C:\\Program Files\\xloader10181.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Darth\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Darth\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\autorun.exe"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\autorun.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Jon\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Jon\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
"%windir%\\system32\\winav.exe"="%windir%\\system32\\winav.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Program Files\\xloader10181.exe"="C:\\Program Files\\xloader10181.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\printer.exe"="C:\\WINDOWS\\system32\\printer.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\spoolvs.exe"="C:\\WINDOWS\\system32\\spoolvs.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\WINDOWS\\shell.exe"="C:\\WINDOWS\\shell.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Darth\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Darth\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\autorun.exe"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\autorun.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Jon\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Jon\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\findfast.exe"="C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\findfast.exe:*:Enabled:mad:xpsp2res.dll,-22019"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Wed 26 Dec 2007 254 A.SHR --- "C:\BOOT.BAK"
Fri 23 Dec 2005 1,231 A..H. --- "C:\Documents and Settings\Darth\IPH.BAK"
Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Tue 2 Aug 2005 187,904 A.SHR --- "C:\WINDOWS\RGFydGggU3RhbG5ha2Vy\asappsrv.dll"
Sat 24 Dec 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 16 Sep 2007 189 ..SH. --- "C:\WINDOWS\Temp\~rnsetup\defenc.reg"
Sun 16 Sep 2007 52,288 ...HR --- "C:\WINDOWS\Temp\~rnsetup\gtapi.dll"
Sun 16 Sep 2007 144,720 A.SH. --- "C:\WINDOWS\Temp\~rnsetup\nppl3260.dll"
Sun 16 Sep 2007 278,528 ...HR --- "C:\WINDOWS\Temp\~rnsetup\pncrt.dll"
Sun 16 Sep 2007 185,688 A..H. --- "C:\WINDOWS\Temp\~rnsetup\rmoc3260.dll"
Sun 16 Sep 2007 274,432 ..SH. --- "C:\WINDOWS\Temp\~rnsetup\rpds3260.dll"
Sun 16 Sep 2007 86,016 A..HR --- "C:\WINDOWS\Temp\~rnsetup\rpplugprot.dll"
Sun 16 Sep 2007 81,920 A.SH. --- "C:\WINDOWS\Temp\~rnsetup\twebbrowse.dll"
Tue 19 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 22 Apr 2006 0 A.SH. --- "C:\Documents and Settings\Jon\Local Settings\Temp\$b17a2e8.tmp"
Fri 23 Dec 2005 1,860 A..H. --- "C:\Program Files\Common Files\AOL\IPHSend\IPH.BAK"
Sun 16 Sep 2007 49,152 A..HR --- "C:\WINDOWS\Temp\~rnsetup\CDEXTRACT\mmcdda32.dll"
Sun 16 Sep 2007 57,344 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\EPLUGINS\teall.dll"
Sun 16 Sep 2007 61,440 A.SHR --- "C:\WINDOWS\Temp\~rnsetup\EPLUGINS\team4a.dll"
Sun 16 Sep 2007 53,328 A..HR --- "C:\WINDOWS\Temp\~rnsetup\EPRODUCERTOOLS\packetsource.dll"
Sun 16 Sep 2007 86,110 A.SH. --- "C:\WINDOWS\Temp\~rnsetup\EPRODUCERTOOLS\rmsessionformat.dll"
Sun 16 Sep 2007 241,736 ...HR --- "C:\WINDOWS\Temp\~rnsetup\EPRODUCERTOOLS\rmwriter.dll"
Sun 16 Sep 2007 155,648 ..SH. --- "C:\WINDOWS\Temp\~rnsetup\GEMSETUP\gct23201.dll"
Sun 16 Sep 2007 98,304 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\GEMSETUP\rnad3201.dll"
Sun 16 Sep 2007 172,032 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\GEMSETUP\zipf3260.dll"
Sun 16 Sep 2007 135,168 A..HR --- "C:\WINDOWS\Temp\~rnsetup\PDGENCTNOMAD\pdctnomad.dll"
Sun 16 Sep 2007 307,200 A.SH. --- "C:\WINDOWS\Temp\~rnsetup\PDGENWMDM\pdwmdm.dll"
Sun 16 Sep 2007 77,824 ...HR --- "C:\WINDOWS\Temp\~rnsetup\PDMGR\tpdmgr.dll"
Sun 16 Sep 2007 53,248 A.SHR --- "C:\WINDOWS\Temp\~rnsetup\PLAYERPLUGINS\rpappdemon.dll"
Sun 16 Sep 2007 352,256 ...H. --- "C:\WINDOWS\Temp\~rnsetup\PLAYERPLUGINS\rpwe3260.dll"
Sun 16 Sep 2007 53,248 A..HR --- "C:\WINDOWS\Temp\~rnsetup\PLINS\authmgr.dll"
Sun 16 Sep 2007 45,056 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\PLINS\ramfformat.dll"
Sun 16 Sep 2007 176,128 A..H. --- "C:\WINDOWS\Temp\~rnsetup\PLINS\rmfformat.dll"
Sun 16 Sep 2007 57,344 ...HR --- "C:\WINDOWS\Temp\~rnsetup\PLINS\smmrender.dll"
Sun 16 Sep 2007 77,824 ...H. --- "C:\WINDOWS\Temp\~rnsetup\RACODECS\atrc.dll"
Sun 16 Sep 2007 65,536 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\RACODECS\cook.dll"
Sun 16 Sep 2007 106,496 ..SHR --- "C:\WINDOWS\Temp\~rnsetup\RACODECS\sipr.dll"
Sun 16 Sep 2007 147,456 ...HR --- "C:\WINDOWS\Temp\~rnsetup\RJBVIZ\rjbviz.dll"
Sun 16 Sep 2007 335,872 A.SHR --- "C:\WINDOWS\Temp\~rnsetup\RJDLG\rjdlg.dll"
Sun 16 Sep 2007 110,592 A..H. --- "C:\WINDOWS\Temp\~rnsetup\RTPLINS\rtfformat.dll"
Sun 16 Sep 2007 102,400 ...H. --- "C:\WINDOWS\Temp\~rnsetup\RVCODECS\drv1.dll"
Sun 16 Sep 2007 49,152 A.SHR --- "C:\WINDOWS\Temp\~rnsetup\RVCODECS\rv10.dll"
Sun 16 Sep 2007 69,632 ...H. --- "C:\WINDOWS\Temp\~rnsetup\VMPG\mpgfformat.dll"
Sun 16 Sep 2007 176,128 A.SHR --- "C:\WINDOWS\Temp\~rnsetup\WMCOMP\wm9fformat.dll"
Sun 16 Sep 2007 61,440 ...HR --- "C:\WINDOWS\Temp\~rnsetup\WMPLYR\rjwmapln.dll"
Thu 6 Sep 2007 8 A..H. --- "C:\Documents and Settings\Jon\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Thu 6 Sep 2007 8 A..H. --- "C:\Documents and Settings\Jon\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Fri 7 Sep 2007 8 A..H. --- "C:\Documents and Settings\Jon\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sun 16 Sep 2007 8 A..H. --- "C:\Documents and Settings\Jon\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"

Finished!


And Then............

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:41:22 PM, on 12/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
E:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee Anti-Phishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\systems.txt
O22 - SharedTaskScheduler: curdler - {bd0fc212-0a36-4232-83cc-2063fb9282e0} - C:\WINDOWS\system32\qzviz.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Routing and Remote Access RemoteAccessSwPrv (RemoteAccessSwPrv) - Unknown owner - C:\WINDOWS\system32\amstreamf.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe (file missing)
O24 - Desktop Component 1: Desktop Uninstall - C:\WINDOWS\warnhp.html
--
End of file - 5613 bytes
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows 7 "Windows cannot find svchost.exe?" 1
Windows XP Rundll32.exe not responding while shutting down 2
Windows XP Dell PC: c:\WINDOWS\system32\wavojami.dll not valid Windows image 2
Windows XP Windows XP Malware, Please Help. 2
Windows XP Invisible IE windows stealing focus in xp 1
Windows XP internet very unresponsive 2
Windows XP unexplained cpu usage HELP PLEASE 0
Windows XP Regedit and taskmanager will not stay open 3

Top