June 6th, 2008, 02:20 AM
Nicholas_Roge
Before you look at all the crap I have below, I'd just like to let you know that I can access my control panel now without the rundll error. Whatever that first program does appears to have also fixed that. It also fixed my files so that I don't have to use open with anymore. If you still want to take a look at all the crap below, you're more than welcome to, but as far as I can tell, my problems are fixed. If you don't want to take a look at them, thank you for all your help. I'm very grateful.
___________________________________________________________________________________________________________________________
Main.txt:

Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-06-05 20:13:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Backed up registry hives.



-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:14:31 PM, on 6/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ColdFusion8\jnbridge\CF8DotNetsvc.exe
C:\ColdFusion8\runtime\bin\jrunsvc.exe
C:\ColdFusion8\jnbridge\JNBDotNetSide.exe
C:\ColdFusion8\db\slserver54\bin\swagent.exe
C:\ColdFusion8\runtime\bin\jrun.exe
C:\ColdFusion8\db\slserver54\bin\swstrtr.exe
C:\ColdFusion8\db\slserver54\bin\swsoc.exe
C:\ColdFusion8\verity\k2\_nti40\bin\k2admin.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Compaq_Owner\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: (no name) - {8E04E31B-2A04-459C-92DC-DBFD74D35876} - C:\WINDOWS\system32\efcYRKET.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1202950536209
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtuuoli - awtuUolI.dll (file missing)
O20 - Winlogon Notify: pmnnLCrr - pmnnLCrr.dll (file missing)
O20 - Winlogon Notify: vhtlhmeg - vhtlhmeg.dll (file missing)
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O22 - SharedTaskScheduler: jhsf8d984jief8dsfus98jkefn - {C5AF49A2-94F3-42BD-F434-2604812C897D} - (no file)
O23 - Service: McAfee Application Installer Cleanup (0134091212666626) (0134091212666626mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\013409~1.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ColdFusion 8 .NET Service - Unknown owner - C:\ColdFusion8\jnbridge\CF8DotNetsvc.exe
O23 - Service: ColdFusion 8 Application Server - Macromedia Inc. - C:\ColdFusion8\runtime\bin\jrunsvc.exe
O23 - Service: ColdFusion 8 ODBC Agent - Unknown owner - C:\ColdFusion8\db\slserver54\bin\swagent.exe
O23 - Service: ColdFusion 8 ODBC Server - Unknown owner - C:\ColdFusion8\db\slserver54\bin\swstrtr.exe
O23 - Service: ColdFusion 8 Search Server - Verity, Inc. - C:\ColdFusion8\verity\k2\_nti40\bin\k2admin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\McShield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\spools.exe (file missing)
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

--
End of file - 10941 bytes

-- File Associations -----------------------------------------------------------

.js - jsfile - DefaultIcon - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7
.js - jsfile - shell\open\command - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 StyleXPHelper - c:\program files\tgtsoft\stylexp\stylexphelper.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>

S0 osv60 - c:\windows\system32\drivers\osv60.sys (file missing)
S3 RT25USBAP (Nintendo Wi-Fi USB Connector Service) - c:\windows\system32\drivers\rt25usbap.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Autodesk Licensing Service - "c:\program files\common files\autodesk shared\service\adskscsrv.exe" <Not Verified; Autodesk; Autodesk Licensing Service>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 ColdFusion 8 .NET Service - c:\coldfusion8\jnbridge\cf8dotnetsvc.exe
R2 ColdFusion 8 Application Server - "c:\coldfusion8\runtime\bin\jrunsvc.exe" <Not Verified; Macromedia Inc.; Macromedia JRun Application Server>
R2 ColdFusion 8 ODBC Agent - c:\coldfusion8\db\slserver54\bin\swagent.exe "coldfusion 8 odbc agent"
R2 ColdFusion 8 ODBC Server - c:\coldfusion8\db\slserver54\bin\swstrtr.exe "coldfusion 8 odbc server"
R2 ColdFusion 8 Search Server - "c:\coldfusion8\verity\k2\_nti40\bin\k2admin.exe" -cfg "c:\coldfusion8\verity\k2\common\verity.cfg" -ntstart 1 <Not Verified; Verity, Inc.; Verity K2 Toolkit>
R2 StarWindServiceAE (StarWind AE Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>
R2 StyleXPService - "c:\program files\tgtsoft\stylexp\stylexpservice.exe" <Not Verified; ; StyleXPService Module>

S2 Schedule (Task Scheduler) - c:\windows\system32\drivers\spools.exe (file missing)
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-01 01:00:25 346 --a------ C:\WINDOWS\Tasks\McQcTask.job
2008-05-31 14:41:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-05-29 17:00:00 478 --a------ C:\WINDOWS\Tasks\SyncBackSE Backup Hard Drive C.job
2008-05-15 01:55:43 354 --a------ C:\WINDOWS\Tasks\McDefragTask.job


-- Files created between 2008-05-05 and 2008-06-05 -----------------------------

2008-06-05 19:44:45 239104 --a------ C:\WINDOWS\system32\regedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-05 19:21:56 0 d-------- C:\Program Files\RegistryFix6
2008-06-05 17:25:32 0 d-------- C:\Documents and Settings\All Users\Application Data\RH_Backups
2008-06-05 17:23:11 0 d-------- C:\Program Files\RegistryHealer
2008-06-05 17:22:52 0 d-------- C:\Program Files\RegHealer
2008-06-05 14:59:00 0 d-------- C:\WINDOWS\Caps
2008-06-05 14:58:48 0 d-------- C:\Program Files\RapidLeecher Ultimate 2007
2008-06-05 06:50:21 0 d-------- C:\WINDOWS\LastGood
2008-06-04 20:46:52 0 d-------- C:\WUTemp
2008-06-04 20:46:51 0 d-------- C:\WINDOWS\system32\New Folder <NEWFOL~1>
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-06-04 20:46:47 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-06-04 20:46:47 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-06-04 20:46:47 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-06-04 20:46:47 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-04 20:46:47 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-06-04 20:46:47 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-06-03 21:25:53 0 d-------- C:\Program Files\Trend Micro
2008-06-03 06:35:54 593920 --a------ C:\WINDOWS\system32\libeay32.dll <Not Verified; Support.com, Inc.; SSL Module>
2008-06-02 19:53:43 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-06-02 19:53:43 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-06-02 19:53:43 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-02 19:53:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-06-02 19:53:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-06-02 19:53:43 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-02 19:53:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Intervideo
2008-06-02 19:53:42 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-06-02 19:53:42 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-02 19:53:42 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-02 19:53:41 1572864 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-02 19:01:32 2 --a------ C:\-1325515133
2008-06-02 19:01:27 5120 --a------ C:\waxd.exe
2008-06-02 19:01:09 7680 --a------ C:\vuqs.exe
2008-06-02 19:01:02 75776 --a------ C:\axer.exe
2008-05-31 16:38:50 2318592 --a------ C:\WINDOWS\system32\kernel1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

Last edited by Nicholas_Roge; June 6th, 2008 at 02:34 AM.