Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wierd


  • This topic is locked This topic is locked
1 reply to this topic

#1 Jackmline

Jackmline

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 16 September 2007 - 03:06 AM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:33:27 PM, on 9/16/2007
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\PROGRA~2\Grisoft\AVG7\avgrssvc.exe
C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~2\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~2\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~2\Grisoft\AVG7\avgcc.exe
C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files (x86)\IceChat7\IceChat7.exe
C:\Program Files (x86)\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files (x86)\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.1.8.30.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.012.555.35 85.302.951
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 4195 bytes

BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:09:17 PM

Posted 28 September 2007 - 03:37 PM

Hi,

After reviewing your log, it has been determined, that there are no infections present on your computer. Not every Computer problem is caused by malware.
Please create another Topic, in the Windows XP Home and Professional forum, with a thorough explanation of the problems you're experiencing,
such as:
  • How long have you had this problem?
  • What have you done to try and correct this problem?
  • Is this a persistent problem. or does it just occur occasionally
  • Have you installed any new hardware/software recently?
  • What were you doing when this problem first started?
  • The exact Error Messages, you may have received.
  • etc...
Please also include:
  • Operating System (XP Home, XP Pro, etc.)
  • Browser (Internet Explorer, Firefox, etc.)
  • Antivirus used
  • Spyware/Malware programs used
By including as much information as possible, we will better be able to understand your problem, which will result in your computer being fixed, in the most timely manner.

Do NOT post a HijackThislog there.
Also, to avoid confusion, mention that you have already posted a HijackThis log, and it was found that you had no infections.
This will prevent others from suggesting, that you post a HJT log for examination.


Since there were no infections found, on your computer, I will now close this Topic.
If you have any questions, don't hesitate to PM me.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users