XP update problems Malware ?

  crispins 17:35 20 Jan 06
Locked

Havig serious problems getting a friends system running.
Started with Spyace & Spyware strike.
Have run XP SP1 repair will not allow access to windows firewall,update to service pack2 or installation of AVG among others. Could an expert out there look at this HJT log and comment. If I need to access Registry please give detail as its new territory.

Thanks

Logfile of HijackThis v1.99.1
Scan saved at 17:05:33, on 20/01/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe

F:\HiJackThis\HijackThis.exe

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)

O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\System32\hp68FB.tmp (file missing)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe

O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe

O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [adiras] adiras.exe

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "F:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll

O15 - Trusted Zone: click here (HKLM)

O15 - Trusted Zone: click here (HKLM)

O15 - Trusted Zone: click here (HKLM)

O15 - Trusted Zone: click here (HKLM)

O15 - Trusted Zone: click here (HKLM)

O15 - Trusted Zone: click here (HKLM)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - click here

O16 - DPF: {33331111-1111-1111-1111-611111193423} - click here

O16 - DPF: {33331111-1111-1111-1111-611111193429} - click here

O16 - DPF: {33331111-1111-1111-1111-615111193427} -

O16 - DPF: {33331111-1131-1111-1111-611111193428} -

O16 - DPF: {33331111-1234-1111-1111-615111193427} - click here

O16 - DPF: {43331111-1111-1111-1111-611111195622} - click here

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - click here

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - click here

O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - (no file)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - F:\Program Files\Spyware Doctor\sdhelp.exe (file missing)

  rawprawn 17:38 20 Jan 06

You would be much better posting the HJT Log
click here where experts can look at it.

  VoG II 17:38 20 Jan 06

I suggest that you post this on the Malware Removal forum click here where the HJT gurus hang out.

  crispins 18:04 20 Jan 06

Thanks for that will keep you informed

  VoG II 18:50 20 Jan 06

I see that you've posted over there. Just a tip - don't be tempted to 'bump' your thread if it doesn't get a response for a while. The admins look for threads with zero replies to assign a helper (it isn't like here, where anybody can pitch-in).

  VoG II 23:06 20 Jan 06

Crikey! If click here is your thread then you are being helped by the best on the net.

  crispins 23:08 01 Feb 06

Just to say I got there in the end, was struggling for a while but thanks to the Nellie2 it came out right in the end.

Thanks once again for pointing me in the right direction.

This thread is now locked and can not be replied to.

Nintendo Switch review: Hands-on with the intuitive modular console and its disappointing games…

1995-2015: How technology has changed the world in 20 years

This abstract video touches on division in our technologic world

Best alternatives to iTunes for Mac | Best music players for macOS: Free your music from the…