Jump to content


Photo

Mystery Icon


  • Please log in to reply
17 replies to this topic

#1 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 19 June 2006 - 07:40 AM

Strange icon in Control Panel. Looks like a shield with a circle around it...like the moon circling the earth. Has no name and no properties showing. Can't delete it or do anything else with except make shortcuts. Using Windows XP Home Edition. Help, please.

Logfile of HijackThis v1.99.1
Scan saved at 10:16:29 AM, on 6/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Ascentive\ActiveSpeed\AS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
C:\PROGRA~1\TRENDM~1\INTERN~3\PcCtlCom.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~3\Tmntsrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\TRENDM~1\INTERN~3\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~3\tmproxy.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Kenneth Munn\Desktop\Utilities\PrintKey20.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Ontrack\PowerDesk\PDExplo.exe
C:\DOCUME~1\KENNET~1\LOCALS~1\Temp\~~PDTEMP\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe -b
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: ERUNT AutoBackup.lnk = C:\WINDOWS\ERUNT\AUTOBACK.EXE
O4 - Startup: Shortcut to chaos.lnk = C:\Program Files\Chaos Software\Chaos 6\chaos.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.aka...vex-2.0.5.1.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1144606073390
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) - http://h30155.www3.h...edsolutions.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: sunotify - C:\WINDOWS\SYSTEM32\sunotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~3\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~3\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~3\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~3\tmproxy.exe

Edited by gimfrinch, 19 June 2006 - 08:17 AM.


#2 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 19 June 2006 - 02:53 PM

Hello,

What happens when you doubleclick that icon in controlpanel? That's the only way to find out with what program it is related. :)
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#3 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 20 June 2006 - 01:00 AM

Hello,

What happens when you doubleclick that icon in controlpanel? That's the only way to find out with what program it is related. :)



Hello. Thank you for your reply. When I doubleclick that icon in Control Panel, nothing happens. That's why it's so frustrating. If I try Properties, it shows that the icon is 170 Kb.

#4 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 20 June 2006 - 05:07 AM

Ok, perform next:

Open notepad and copy and paste next present in the quotebox in it:

cd %SystemDrive%\
dir *.cpl /a h /s > cpl.txt
start notepad cpl.txt


Save this as look.bat , choose to save as *all files and place it on your desktop.
It should look like this: Posted Image
Doubleclick on it and notepad should open.
Copy and paste the contents of it in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#5 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 20 June 2006 - 02:01 PM

Ok, perform next:

Open notepad and copy and paste next present in the quotebox in it:

cd %SystemDrive%\
dir *.cpl /a h /s > cpl.txt
start notepad cpl.txt


Save this as look.bat , choose to save as *all files and place it on your desktop.
It should look like this: Posted Image
Doubleclick on it and notepad should open.
Copy and paste the contents of it in your next reply.



#6 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 20 June 2006 - 02:04 PM

Here are the results of what you suggested if I've done correctly.
Gimfrinch


Volume in drive C has no label.
Volume Serial Number is 4CB7-5335

Directory of C:\pebuilder3110a\BartPE\i386\system32

09/03/2002 12:26 PM 66,048 access.cpl
09/03/2002 12:35 PM 121,856 intl.cpl
09/03/2002 12:40 PM 187,904 main.cpl
09/03/2002 12:50 PM 36,864 odbccp32.cpl
09/03/2002 01:06 PM 90,112 timedate.cpl
5 File(s) 502,784 bytes

Directory of C:\Program Files\Common Files\Microsoft Shared\Speech

08/04/2004 12:56 AM 155,648 sapi.cpl
1 File(s) 155,648 bytes

Directory of C:\Program Files\Common Files\System\MSMAPI\1033

07/14/2003 10:43 PM 102,456 MLCFG32.CPL
1 File(s) 102,456 bytes

Directory of C:\Program Files\Java\jre1.5.0_06\bin

11/10/2005 01:03 PM 49,265 jpicpl32.cpl
1 File(s) 49,265 bytes

Directory of C:\Program Files\Microsoft Office\Office12

05/04/2006 06:33 PM 64,784 MLCFG32.CPL
1 File(s) 64,784 bytes

Directory of C:\Program Files\Nero\Nero 7\Nero ImageDrive

01/14/2006 06:25 AM 81,920 ImageDrive.cpl
1 File(s) 81,920 bytes

Directory of C:\Program Files\Nero\Nero 7\Nero Toolkit

10/18/2005 04:31 PM 81,920 NeroBurnRights.cpl
1 File(s) 81,920 bytes

Directory of C:\WINDOWS\$NtServicePackUninstall$

09/03/2002 12:26 PM 66,048 access.cpl
09/03/2002 12:27 PM 578,560 appwiz.cpl
09/03/2002 12:30 PM 129,024 desk.cpl
09/03/2002 12:33 PM 150,016 hdwwiz.cpl
09/03/2002 12:35 PM 292,352 inetcpl.cpl
09/03/2002 12:35 PM 121,856 intl.cpl
09/03/2002 12:37 PM 65,536 joy.cpl
09/03/2002 12:42 PM 559,616 mmsys.cpl
09/03/2002 12:50 PM 256,000 nusrmgr.cpl
09/03/2002 12:50 PM 36,864 odbccp32.cpl
09/03/2002 12:52 PM 109,056 powercfg.cpl
09/03/2002 12:57 PM 147,456 sapi.cpl
09/03/2002 01:05 PM 268,288 sysdm.cpl
09/03/2002 01:06 PM 90,112 timedate.cpl
14 File(s) 2,870,784 bytes

Directory of C:\WINDOWS\$NtUninstallie7beta2$

08/04/2004 01:56 AM 358,400 inetcpl.cpl
1 File(s) 358,400 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

08/04/2004 01:56 AM 68,608 access.cpl
08/04/2004 01:56 AM 549,888 appwiz.cpl
08/04/2004 01:56 AM 110,592 bthprops.cpl
08/04/2004 01:56 AM 135,168 desk.cpl
08/04/2004 01:56 AM 80,384 firewall.cpl
08/04/2004 01:56 AM 155,136 hdwwiz.cpl
08/04/2004 01:56 AM 358,400 inetcpl.cpl
08/04/2004 01:56 AM 129,536 intl.cpl
08/04/2004 01:56 AM 380,416 irprops.cpl
08/04/2004 01:56 AM 68,608 joy.cpl
08/04/2004 01:56 AM 618,496 mmsys.cpl
08/04/2004 01:56 AM 25,600 netsetup.cpl
08/04/2004 01:56 AM 257,024 nusrmgr.cpl
08/04/2004 01:56 AM 32,768 odbccp32.cpl
08/04/2004 01:56 AM 114,688 powercfg.cpl
08/04/2004 01:56 AM 155,648 sapi.cpl
08/04/2004 01:56 AM 298,496 sysdm.cpl
08/04/2004 01:56 AM 94,208 timedate.cpl
08/04/2004 01:56 AM 148,480 wscui.cpl
08/04/2004 01:56 AM 162,304 wuaucpl.cpl
20 File(s) 3,944,448 bytes

Directory of C:\WINDOWS\system32

08/04/2004 01:56 AM 68,608 access.cpl
01/24/2002 05:10 PM 126,976 ADPanel.cpl
08/04/2004 01:56 AM 549,888 appwiz.cpl
08/04/2004 01:56 AM 110,592 bthprops.cpl
08/11/2005 02:01 AM 1,134,592 CMDVDPak.cpl
07/29/2004 01:56 PM 221,184 cttune.cpl
08/04/2004 01:56 AM 135,168 desk.cpl
08/04/2004 01:56 AM 80,384 firewall.cpl
08/04/2004 01:56 AM 155,136 hdwwiz.cpl
04/13/2006 11:21 PM 1,405,952 inetcpl.cpl
08/04/2004 01:56 AM 129,536 intl.cpl
08/04/2004 01:56 AM 380,416 irprops.cpl
08/04/2004 01:56 AM 68,608 joy.cpl
11/10/2005 02:03 PM 49,265 jpicpl32.cpl
09/03/2002 12:40 PM 187,904 main.cpl
08/04/2004 01:56 AM 618,496 mmsys.cpl
09/03/2002 12:47 PM 35,840 ncpa.cpl
08/04/2004 01:56 AM 25,600 netsetup.cpl
08/04/2004 01:56 AM 257,024 nusrmgr.cpl
07/28/2003 03:19 PM 143,360 nvtuicpl.cpl
08/04/2004 01:56 AM 32,768 odbccp32.cpl
08/04/2004 01:56 AM 114,688 powercfg.cpl
04/08/2004 02:12 PM 323,072 QuickTime.cpl
08/04/2004 01:56 AM 298,496 sysdm.cpl
09/03/2002 01:06 PM 28,160 telephon.cpl
08/04/2004 01:56 AM 94,208 timedate.cpl
08/04/2004 01:56 AM 148,480 wscui.cpl
05/26/2005 05:16 AM 174,360 wuaucpl.cpl
28 File(s) 7,098,761 bytes

Directory of C:\WINDOWS\system32\dllcache

08/04/2004 01:56 AM 68,608 access.cpl
08/04/2004 01:56 AM 549,888 appwiz.cpl
08/04/2004 01:56 AM 110,592 bthprops.cpl
08/04/2004 01:56 AM 135,168 desk.cpl
08/04/2004 01:56 AM 80,384 firewall.cpl
08/04/2004 01:56 AM 155,136 hdwwiz.cpl
04/13/2006 11:21 PM 1,405,952 inetcpl.cpl
08/04/2004 01:56 AM 129,536 intl.cpl
08/04/2004 01:56 AM 380,416 irprops.cpl
08/04/2004 01:56 AM 68,608 joy.cpl
09/03/2002 12:40 PM 187,904 main.cpl
08/04/2004 01:56 AM 618,496 mmsys.cpl
09/03/2002 12:47 PM 35,840 ncpa.cpl
08/04/2004 01:56 AM 25,600 netsetup.cpl
08/04/2004 01:56 AM 257,024 nusrmgr.cpl
08/04/2004 01:56 AM 32,768 odbccp32.cpl
08/04/2004 01:56 AM 114,688 powercfg.cpl
08/04/2004 01:56 AM 298,496 sysdm.cpl
09/03/2002 01:06 PM 28,160 telephon.cpl
08/04/2004 01:56 AM 94,208 timedate.cpl
08/04/2004 01:56 AM 148,480 wscui.cpl
05/26/2005 05:16 AM 174,360 wuaucpl.cpl
22 File(s) 5,100,312 bytes

Directory of C:\WINDOWS\WinSxS\Policies

04/11/2006 04:53 PM <DIR> x86_policy.7.0.Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_x-ww_a317e4b3
0 File(s) 0 bytes

Total Files Listed:
96 File(s) 20,411,482 bytes
1 Dir(s) 36,097,679,360 bytes free

#7 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 20 June 2006 - 03:12 PM

I don't see any suspicious ones here, so that cpl file you are seeing in your control panel is a legit one.

Is this only a recent one you noticed there?

The only latest cpl files that were created are next:

present in your system32-folder:

CMDVDPak.cpl
jpicpl32.cpl
inetcpl.cpl

Present in C:\Program Files\Nero\Nero 7\Nero ImageDrive:

ImageDrive.cpl

Present in: C:\Program Files\Nero\Nero 7\Nero Toolkit:

NeroBurnRights.cpl

Don't delete those!! Just rightclick them and choose to open with controlpanel. Let me know if one of them didn't load either.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#8 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 02:26 PM

I don't see any suspicious ones here, so that cpl file you are seeing in your control panel is a legit one.

Is this only a recent one you noticed there?

The only latest cpl files that were created are next:

present in your system32-folder:

CMDVDPak.cpl
jpicpl32.cpl
inetcpl.cpl

Present in C:\Program Files\Nero\Nero 7\Nero ImageDrive:

ImageDrive.cpl

Present in: C:\Program Files\Nero\Nero 7\Nero Toolkit:

NeroBurnRights.cpl

Don't delete those!! Just rightclick them and choose to open with controlpanel. Let me know if one of them didn't load either.



#9 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 02:29 PM

I don't see any suspicious ones here, so that cpl file you are seeing in your control panel is a legit one.

Is this only a recent one you noticed there?

The only latest cpl files that were created are next:

present in your system32-folder:

CMDVDPak.cpl
jpicpl32.cpl
inetcpl.cpl

Present in C:\Program Files\Nero\Nero 7\Nero ImageDrive:

ImageDrive.cpl

Present in: C:\Program Files\Nero\Nero 7\Nero Toolkit:

NeroBurnRights.cpl

Don't delete those!! Just rightclick them and choose to open with controlpanel. Let me know if one of them didn't load either.



#10 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 02:33 PM

Wow. Thanks, miekiemoes, for staying with me. Tried all the files you suggested. All loaded okay, except one: NeroBurnRights.cpl. In fact, I can't even find that file. Does that mean something? (Duh.)

#11 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 21 June 2006 - 02:43 PM

How do you mean, you can't even find that file?
NeroBurnRights.cpl is present in your C:\Program Files\Nero\Nero 7\Nero Toolkit - folder, otherwise it wouldn't show in the log.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#12 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 03:59 PM

How do you mean, you can't even find that file?
NeroBurnRights.cpl is present in your C:\Program Files\Nero\Nero 7\Nero Toolkit - folder, otherwise it wouldn't show in the log.



#13 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 04:00 PM

Yep, you are right. NeroBurnRights.cpl did show up. So, all of them loaded.
Next?

#14 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 21 June 2006 - 04:10 PM

Do you have a screenshot of how the file in control panel looks like?
One thing is for sure, it is a legit file, because I can't see any bad cpl files present. So you really don't have to worry here. Don't fix when it aint broken.
As I also asked before, is this icon there recently? Because I overlooked this one that was installed 2 months ago:

MLCFG32.CPL present in C:\Program Files\Microsoft Office\Office12

But please don't start with deleting anything! It would be better if I have a screenshot how the icon looks like, maybe I recognise the program.

Also, when you reply, please use the add reply button below. No need to quote my post all the time, I know what I wrote. :)
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#15 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 21 June 2006 - 04:56 PM

Can you try next?

Download and install ShellObjectEditor
Install it.
Then start the program and in the window, rightclick and choose expert mode.
This should load the icons present in controlpanel with the location, name and target. That should give you more info.
Don't delete anything!
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#16 gimfrinch

gimfrinch

    Member

  • Full Member
  • Pip
  • 10 posts

Posted 21 June 2006 - 11:45 PM

Miekiemoes:
Thank you, thank you. The ShellObjectEditor didn't show the "Mystery Icon," but gave me enough information to track it down. My guess it's a piece of an old Iomega Zip software program called "Active Disc." I downloaded the newer version of Iomega's "Active Disc" and the "Mystery Icon" disappeared. You were correct again in pointing out it was harmless. Just bugged me that I couldn't get rid of it. Never in a million years would I have discovered this without your patient help. My thanks again.

#17 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 21 June 2006 - 11:53 PM

Glad I could help. :)
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#18 Leowiz

Leowiz

    Member

  • Full Member
  • Pip
  • 9 posts

Posted 22 June 2006 - 10:54 AM

Glad I could help. :)


miekiemoes, you seem to know a lot about windows. Awsome job; it was fun reading this thread.




Member of UNITE
Support SpywareInfo Forum - click the button