
Virus Or Corruption?


2 replies to this topic

#1 phreshfury

phreshfury

  • Members
  • 3 posts

Posted 06 August 2007 - 08:59 PM

Hi, I'm trying to post. I'm new, and when I try to upload, it says that it's uploading or processing, but never finishes! Any ideas?
Logfile of HijackThis v1.99.0
Scan saved at 6:06:31 PM, on 8/6/2007
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\devldr32.exe
C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
C:\program files\quicktime\qttask.exe
C:\Program Files\Navnt\navapw32.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Documents and Settings\Administrator\DESKTOP\dl\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {01EB8682-DD50-5E7E-9F9C-4E9E13BBEC0D} - (no file)
O2 - BHO: (no name) - {1477DA7E-F8D0-CDF6-27CD-F58D0060CEB9} - (no file)
O2 - BHO: (no name) - {16C63D01-E8AF-5519-684A-B10FBCDD8462} - (no file)
O2 - BHO: (no name) - {1DCC9880-A0E3-DB04-3678-CE5B51DA3D08} - (no file)
O2 - BHO: (no name) - {1F52F8E8-7442-DCD0-7282-4BF802CAFE93} - (no file)
O2 - BHO: (no name) - {2BFA43E5-567C-3985-B2AB-D27090100852} - (no file)
O2 - BHO: (no name) - {2CC6A517-A3F6-E8B0-E2EF-D78734877AC5} - (no file)
O2 - BHO: (no name) - {3370A1ED-A77F-A3EB-566C-9C20AF5D68C3} - (no file)
O2 - BHO: (no name) - {3687878B-402E-ACA3-3391-D0130B1D102E} - (no file)
O2 - BHO: (no name) - {42AEAC21-DF9F-FCA5-7B34-CF46BD770715} - (no file)
O2 - BHO: (no name) - {48FF3F3E-B4D5-6264-AF00-4AC7F1D558A6} - (no file)
O2 - BHO: (no name) - {5177DA3A-9646-840E-3DEE-EB80FE7F0E29} - (no file)
O2 - BHO: (no name) - {677E4BD4-1145-B378-2358-27E48B410FBB} - (no file)
O2 - BHO: (no name) - {6ED7881C-15E8-9C0E-4F52-AC2FEF0427E5} - (no file)
O2 - BHO: (no name) - {7E35F01F-FFA7-93BC-CB99-47DC9626D23F} - (no file)
O2 - BHO: (no name) - {7E7F3E35-F793-B374-43B9-5E872A7402AA} - (no file)
O2 - BHO: (no name) - {7F1A34F6-DB1F-391C-9E4E-FEB8A8286B5A} - (no file)
O2 - BHO: Class - {9339610F-91BB-7852-C5A0-226345097177} - C:\WINNT\ipvs.dll (file missing)
O2 - BHO: Class - {A9536800-9968-5168-DF54-DA2FC631C934} - C:\WINNT\system32\netge.dll (file missing)
O2 - BHO: Class - {B065A550-B064-B91F-FEE5-CDCDCEAC9A93} - C:\WINNT\system32\syssg32.dll (file missing)
O2 - BHO: Class - {CBB31759-C75F-72FA-7079-BC0CC16C8A1B} - C:\WINNT\system32\netph32.dll (file missing)
O2 - BHO: (no name) - {D0594E02-F862-7CD8-C71E-026EB4FD1744} - (no file)
O2 - BHO: Class - {D77F33B9-B040-1BE0-D766-2FA3C34403E2} - C:\WINNT\sdkjn32.dll (file missing)
O2 - BHO: Class - {D85418C7-DB33-E383-5FD0-13F4ABBD480C} - C:\WINNT\system32\mfclr.dll (file missing)
O2 - BHO: Class - {DCE7C091-286C-4E1F-D832-8B2CFD0070B8} - C:\WINNT\netfz32.dll (file missing)
O2 - BHO: Class - {E347DECF-0284-9D9E-33BB-E902B9380433} - C:\WINNT\system32\apiiz.dll (file missing)
O2 - BHO: Class - {F58D0060-EB9C-69B5-324F-35CDA7710A7E} - C:\WINNT\netmq32.dll (file missing)
O2 - BHO: Class - {F78E2035-9BEF-18DD-0904-390428A4499F} - C:\WINNT\iplw32.dll (file missing)
O2 - BHO: Class - {F798739A-7E73-7FD2-2E8D-0AC38CB0932A} - C:\WINNT\system32\mfcci32.dll (file missing)
O2 - BHO: Class - {FC7FE60B-5F53-04EE-D392-70AD25A4A72D} - C:\WINNT\system32\ipty32.dll (file missing)
O2 - BHO: Class - {FE91FB5B-3238-070C-109F-53B8456A7736} - C:\WINNT\system32\ieps.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (file missing)
O4 - HKLM\..\Run: [madexe] C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINNT\System32\shdocvw.dll
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4047/ftp...23/cpbrkpie.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1C9A00-39CA-4823-AD05-CC4E5AE277F1}: NameServer = 4.2.2.1,4.2.2.2
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: Service Request Monitor - Dell Computer Corporation - C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINNT\wanmpsvc.exe



#2 phreshfury

phreshfury
  • Topic Starter

  • Members
  • 3 posts

Posted 06 August 2007 - 09:31 PM

Slow computer, can't access certain programs, like 2 yrs of my Maya! Sound will work, not work, work! I do virus scans, Ad-Aware and Spybot. Please help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:25:18 PM, on 8/6/2007
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\mspmspsv.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\devldr32.exe
C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
C:\program files\quicktime\qttask.exe
C:\Program Files\Navnt\navapw32.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\WBEM\WinMgmt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {01EB8682-DD50-5E7E-9F9C-4E9E13BBEC0D} - (no file)
O2 - BHO: (no name) - {1477DA7E-F8D0-CDF6-27CD-F58D0060CEB9} - (no file)
O2 - BHO: (no name) - {16C63D01-E8AF-5519-684A-B10FBCDD8462} - (no file)
O2 - BHO: (no name) - {1DCC9880-A0E3-DB04-3678-CE5B51DA3D08} - (no file)
O2 - BHO: (no name) - {1F52F8E8-7442-DCD0-7282-4BF802CAFE93} - (no file)
O2 - BHO: (no name) - {2BFA43E5-567C-3985-B2AB-D27090100852} - (no file)
O2 - BHO: (no name) - {2CC6A517-A3F6-E8B0-E2EF-D78734877AC5} - (no file)
O2 - BHO: (no name) - {3370A1ED-A77F-A3EB-566C-9C20AF5D68C3} - (no file)
O2 - BHO: (no name) - {3687878B-402E-ACA3-3391-D0130B1D102E} - (no file)
O2 - BHO: (no name) - {42AEAC21-DF9F-FCA5-7B34-CF46BD770715} - (no file)
O2 - BHO: (no name) - {48FF3F3E-B4D5-6264-AF00-4AC7F1D558A6} - (no file)
O2 - BHO: (no name) - {5177DA3A-9646-840E-3DEE-EB80FE7F0E29} - (no file)
O2 - BHO: (no name) - {677E4BD4-1145-B378-2358-27E48B410FBB} - (no file)
O2 - BHO: (no name) - {6ED7881C-15E8-9C0E-4F52-AC2FEF0427E5} - (no file)
O2 - BHO: (no name) - {7E35F01F-FFA7-93BC-CB99-47DC9626D23F} - (no file)
O2 - BHO: (no name) - {7E7F3E35-F793-B374-43B9-5E872A7402AA} - (no file)
O2 - BHO: (no name) - {7F1A34F6-DB1F-391C-9E4E-FEB8A8286B5A} - (no file)
O2 - BHO: Class - {9339610F-91BB-7852-C5A0-226345097177} - C:\WINNT\ipvs.dll (file missing)
O2 - BHO: Class - {A9536800-9968-5168-DF54-DA2FC631C934} - C:\WINNT\system32\netge.dll (file missing)
O2 - BHO: Class - {B065A550-B064-B91F-FEE5-CDCDCEAC9A93} - C:\WINNT\system32\syssg32.dll (file missing)
O2 - BHO: Class - {CBB31759-C75F-72FA-7079-BC0CC16C8A1B} - C:\WINNT\system32\netph32.dll (file missing)
O2 - BHO: (no name) - {D0594E02-F862-7CD8-C71E-026EB4FD1744} - (no file)
O2 - BHO: Class - {D77F33B9-B040-1BE0-D766-2FA3C34403E2} - C:\WINNT\sdkjn32.dll (file missing)
O2 - BHO: Class - {D85418C7-DB33-E383-5FD0-13F4ABBD480C} - C:\WINNT\system32\mfclr.dll (file missing)
O2 - BHO: Class - {DCE7C091-286C-4E1F-D832-8B2CFD0070B8} - C:\WINNT\netfz32.dll (file missing)
O2 - BHO: Class - {E347DECF-0284-9D9E-33BB-E902B9380433} - C:\WINNT\system32\apiiz.dll (file missing)
O2 - BHO: Class - {F58D0060-EB9C-69B5-324F-35CDA7710A7E} - C:\WINNT\netmq32.dll (file missing)
O2 - BHO: Class - {F78E2035-9BEF-18DD-0904-390428A4499F} - C:\WINNT\iplw32.dll (file missing)
O2 - BHO: Class - {F798739A-7E73-7FD2-2E8D-0AC38CB0932A} - C:\WINNT\system32\mfcci32.dll (file missing)
O2 - BHO: Class - {FC7FE60B-5F53-04EE-D392-70AD25A4A72D} - C:\WINNT\system32\ipty32.dll (file missing)
O2 - BHO: Class - {FE91FB5B-3238-070C-109F-53B8456A7736} - C:\WINNT\system32\ieps.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (file missing)
O4 - HKLM\..\Run: [madexe] C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\mad.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: discfix.lnk = C:\DELL\discfix.cmd (User 'Default user')
O4 - .DEFAULT User Startup: discfix.lnk = C:\DELL\discfix.cmd (User 'Default user')
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Navnt\navapw32.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINNT\System32\shdocvw.dll
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4047/ftp...23/cpbrkpie.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF1C9A00-39CA-4823-AD05-CC4E5AE277F1}: NameServer = 4.2.2.1,4.2.2.2
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\System32\CTsvcCDA.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
O23 - Service: Service Request Monitor - Dell Computer Corporation - C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

--
End of file - 7645 bytes

#3 Falu

Falu

  • Security Colleague
  • 3,001 posts
  • Gender:Male
  • Location:The Netherlands

Posted 18 August 2007 - 07:14 AM

Hi phreshfury,

If you still need help please post a fresh HijackThis log and I'll be happy to look at it for you.

Thanks for your patience.



