Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
|
|||||||
I have no task manager, reg edit, right click options
 |
|
Thread Tools |
|
#1
03-05-2006
|
||||
|
||||
|
I have no task manager, reg edit, right click options
I had several spywares/ adwares on my sons comp. Using Ad Aware, Spybot, Norton and Microsoft Beta I removed or so I thought everything from ucmore to the real pain surf sidekick3. Although my sons comp no longer has 10 pop ups per second I cannot get the task manager or reg edit or any right click options to work. I do have a hijack this log which I will include. Can someone help me with this? All is appreciated.
Logfile of HijackThis v1.99.1 Scan saved at 2:32:59 PM, on 3/5/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe C:\WINDOWS\CTHELPER.EXE C:\WINDOWS\system32\CTXFIHLP.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe C:\WINDOWS\SYSTEM32\CTXFISPI.EXE C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\AOL\1135533438\ee\aolsoftware.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe C:\Program Files\America Online 9.0\waol.exe c:\program files\common files\aol\1135533438\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe c:\program files\common files\aol\1135533438\ee\aolsoftware.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\America Online 9.0\shellmon.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\New\LOCALS~1\Temp\Rar$EX00.171\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing) O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1135533438\ee\AOLHostManager.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [ReJf5vH] C:\WINDOWS\iytls.exe O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b O4 - Global Startup: svchost.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing) O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe 
|
|
#2
03-05-2006
|
|||
|
|||
|
Hello and welcome to Techspot.
Go and read both these threads by RBS. Follow all the instructions exactly. How to remove Trojans and its ilk! and How to remove Begin2search / coolwebsearch and other nasties. Then see. How to post your Hijackthis log-file as an ATTACHMENT. Only post a fresh HJT log, after doing the above. Regards Howard 
|
| You can remove this banner by registering, join the TS Community for free. |
|
|
|
|
#3
03-07-2006
|
||||
|
||||
|
Thank you for the instructions, it is obvious that this is my first post. I have attached both a fresh hijack this log as well as an exido file. I am hoping you might be able to give me some advice as to how to fix my task manager, regedit, cmd and right click options. Thanks for the time and patience.
Last edited by NicciZ; 03-08-2006 at 02:02 PM.
|
|
#4
03-08-2006
|
|||
|
|||
|
I can`t see a HJT log attachment.
Regards Howard 
|
|
| Thread Tools | |
|
| Similar Topics | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Disabled Task Manager, Possible Dialer Spyware? | zanybrat | Security and the Web | 1 | 01-17-2006 07:34 PM |
| No Task Manager, No access to Display options, ymessnger killed on startup | shilp | Security and the Web | 1 | 11-10-2005 10:15 AM |
| MSN Dial-Up error message: 31 | RoomajiiWoman | Misc. Software & Utilities | 2 | 07-30-2005 10:34 PM |
| Windows Protection Error | E_Saint | Windows OS | 1 | 01-07-2005 12:59 PM |
| Restart Trouble | Unholywater | Windows OS | 8 | 06-24-2003 11:57 AM |
All times are GMT -4. The time now is 12:22 PM.
