Virus problem?


VjuliusT

Well to make a long story short, I can't open my control panel (s? or w/e it is in English) nor install Windows updates. As you may have foreseen (s?), I'm in deep need of help.

Edit: forgot to mention that I'm running Windows Vista Home Premium.

Edit2: Can't scan "System" with my antivirus program as well (F-Secure).

Edit3: Task Manager isn't working now either.

[hide=Hijackthislog?]
[code]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:02, on 2008-12-12
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\iid.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Anderbecken\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\hp\kbd\kbd.exe
C:\Users\Anderbecken\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anderbecken\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anderbecken\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ois.o.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [Net iD] C:\Windows\system32\iid.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.exe" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Anderbecken\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MzCpuAccelerator] C:\Program Files\MZ U.T\MzCpuAccelerator.exe
O4 - HKCU\..\Run: [MzRamBooster] C:\Program Files\MZ U.T\MzRamBooster.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3765526029-2810085063-2215413085-1001\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User '?')
O4 - HKUS\S-1-5-21-3765526029-2810085063-2215413085-1001\..\Run: [MzRamBooster] C:\Program Files\MZ U.T\MzRamBooster.exe (User '?')
O4 - HKUS\S-1-5-21-3765526029-2810085063-2215413085-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Automatisk LiveUpdate-schemaläggare - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\com hem security\backweb\8910145\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)

--
End of file - 9520 bytes
[/code]
[/hide]


What exactly happens when you try to open the control panel? Does it open then close, or does it open without any icons?

When you say you cannot open task manager, is the option grayed out? Have you tried ctrl shift esc?


Well the window opens up but it quickly gets killed (I can't spot any options before it dies).

Nothing happens when I press alt-shift-esc; when I press alt-ctrl-delete I can reach the menu and activate the task manager (an option) but it doesn't appear.


Here's some questions for you...

Can you call up your Registry Editor?

Can you get to "Add/Remove Programs" through methods other than your Control Panel?

What sites have you browsed to recently?

What were the last 5 programs you installed?

~D. V. "Whatever is happening, it's really freaky..." Devnull


^ It says it's several damaged files that can't be repaired and it tells me to read the "CBS.log" but I'm not permitted to do so when I'm trying to open it (I'm on the administrator account).

Edit: Got it opened but the text file is so large that my browser crashes when I'm trying to paste it over here.

Here's some questions for you...

Can you call up your Registry Editor?
Yes.

Can you get to "Add/Remove Programs" through methods other than your Control Panel?
Nope

What sites have you browsed to recently?
Normal forums, news sites and a slightly illegal site (I've been a member there for several years).

What were the last 5 programs you installed?
Daemon tools
KeyCraft (Old StarCraft hotkey editing program, 100% it's safe)
Friend installed "Mz Ultimate Tweaker", I don't find it effective though.
FL studio 8 XXL (Actually got it as a gift from my father (Legal))
Photoshop CS3 extended (On a meh way :P, used it for over a half year now though).

~D. V. "Whatever is happening, it's really freaky..." Devnull


Type this in the elevated command prompt and you should find a file called sfcdetails.txt with the information from the scan.

findstr /C:"[SR] Cannot repair member file" %windir%\logs\cbs\cbs.log >sfcdetails.txt

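What the filter in the last post pulls out of CBS.log, as an added example that is not part of the original thread: the same case-sensitive literal match that findstr /C: performs without /I, followed by a de-duplicated list of the files that could not be repaired. The sample log lines, file names and component names are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the CBS.log line layout; file and component names are made up.
SAMPLE_CBS_LOG = """\
2008-12-12 19:02:11, Info                  CSI    00000141 [SR] Verifying 100 (0x00000064) components
2008-12-12 19:02:14, Info                  CSI    00000143 [SR] Cannot repair member file [l:24{12}]"sample_a.dll" of Constructed-Component-A, Version = 0.0.0.0, Type neutral, file is missing
2008-12-12 19:02:15, Info                  CSI    00000145 [SR] Cannot repair member file [l:24{12}]"sample_a.dll" of Constructed-Component-A, Version = 0.0.0.0, Type neutral, file is missing
2008-12-12 19:02:15, Info                  CSI    00000146 [SR] This component was referenced by [l:58{29}]"Constructed-Package.Component"
2008-12-12 19:02:20, Info                  CSI    00000150 [SR] Cannot repair member file [l:24{12}]"sample_b.exe" of Constructed-Component-B, Version = 0.0.0.0, Type neutral, source file in store is also corrupted
2008-12-12 19:02:31, Info                  CBS    Session: constructed-session finalized
"""

MARKER = "[SR] Cannot repair member file"
# Quoted member file name followed by the owning component name.
ENTRY = re.compile(r'"(?P<file>[^"]+)" of (?P<component>[^,]+),')


def findstr_literal(text, needle):
    """Return lines containing needle exactly, case-sensitively (findstr /C: without /I)."""
    return [line for line in text.splitlines() if needle in line]


def unrepaired_files(text):
    """Collapse the matching lines into one record per (file, component) pair."""
    seen = {}
    for line in findstr_literal(text, MARKER):
        match = ENTRY.search(line)
        if not match:
            continue  # marker present but layout unexpected; skip rather than guess
        key = (match["file"], match["component"])
        record = seen.setdefault(key, {
            "file": match["file"],
            "component": match["component"],
            "reason": line.rsplit(",", 1)[-1].strip(),  # trailing field states the cause
            "hits": 0,
        })
        record["hits"] += 1  # the same file is typically reported more than once
    return list(seen.values())


if __name__ == "__main__":
    for rec in unrepaired_files(SAMPLE_CBS_LOG):
        print(f'{rec["file"]:<14} {rec["component"]:<26} x{rec["hits"]}  {rec["reason"]}')
```

Because the redirect target in the command is a relative name, sfcdetails.txt is written to the command prompt's current directory.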
