Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus 2008 I Think Dx


  • Please log in to reply
29 replies to this topic

#1 weadsd

weadsd

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 15 July 2008 - 05:58 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:08 PM, on 7/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\Desktop\dl\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {018B27FF-E05F-4CB5-8763-540CB3FD457A} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8CCB9670-E37F-4DA1-908E-2B967555587A} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5036.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1214672105328
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - Winlogon Notify: byXNfExv - byXNfExv.dll (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Unknown owner - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 4521 bytes

BC AdBot (Login to Remove)

 


#2 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 21 July 2008 - 01:31 PM

weadsd

Sorry for the delay

Re Run HijackthisSelect "Main window"
Then select "Open the misc tool section"
Then select "Open uninstall manager"
Then "save list" and save it to your desktop
Copy and paste that list as a reply to this thread
Posted Image
Microsoft MVP - Windows Security

#3 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 22 July 2008 - 10:35 AM

Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.0
Adobe Shockwave Player
Advanced WindowsCare Personal
Audition
CleanMyPC - Registry Cleaner
Counter-Strike
HijackThis 2.0.2
Java™ 6 Update 5
LimeWire PRO 4.17.0
Malwarebytes' Anti-Malware
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows Journal Viewer
Mozilla Firefox (3.0.1)
Nero 7 Essentials
NVIDIA Drivers
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Spy Sweeper
Steam
SUPERAntiSpyware Free Edition
Update for Windows XP (KB942763)
Ventrilo Client
Windows Internet Explorer 7
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinRAR

#4 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 22 July 2008 - 11:03 AM

weadsd

No sign of AntiVirus2008.

Are you still getting warnings about it or ad's from it?
Posted Image
Microsoft MVP - Windows Security

#5 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 22 July 2008 - 04:44 PM

Oh no, but somebody had said something about it still being in my computer- considering, my whole desktop is gone with a blue screen and can't right click the desktop.
So I checked to see if it was still in my comptuer.

#6 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 23 July 2008 - 07:38 AM

Oh no, but somebody had said something about it still being in my computer- considering, my whole desktop is gone with a blue screen and can't right click the desktop.
So I checked to see if it was still in my comptuer.

So you have no Desktop icons or background?
Posted Image
Microsoft MVP - Windows Security

#7 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 23 July 2008 - 01:19 PM

No desktop icons, no taskbar/startmenu, um nothing on screen basically.
Just a big ol' blue.
I have to get to my files and everything my task manager- but then I can't open folders. Like C:\My documents etcetcetc.

#8 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 23 July 2008 - 01:32 PM

weadsd

O.k.

Does the PC act the same way in Safe Mode?

If you haven't tried Safe Mode do so see if there is any difference.

And one more question; was the PC infected and you did some cleaning on your own?
Posted Image
Microsoft MVP - Windows Security

#9 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 23 July 2008 - 01:55 PM

Yes it does, in all safe modes.

#10 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 23 July 2008 - 02:15 PM

weadsd

O.k.

Let's see if this is a shell or a settings problem

We are going to start by seeing if we can get some kind of desktop background

Open Task Manager ->> Select File ->> New Task (run)
When the next window Opens type in explorer.exe ->> Then Select O.K.
A windows Explorer window should open
In the Address bar type in Control Panel ->> Enter

You should see the Control Panel

If you are in Category View Select Appearance and Themes ->> Then Change the Desktop Background
If you are in Classic View Select Display

At the next window Under the Desktop tab Select a background ->> Then Apply->>Then O.k.

And in your reply tell me if you have a desktop background. If you were unable to complete any of the steps outlined, which ones?
Posted Image
Microsoft MVP - Windows Security

#11 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 23 July 2008 - 06:31 PM

---------------------------
explorer.exe
---------------------------
Windows cannot find 'explorer.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search.
---------------------------
OK
---------------------------

Can't open explorer.exe.
I don't have a desktop background, it's just blue from the AntiVirus2008 thing from earlier, I believe.

#12 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 23 July 2008 - 08:08 PM

weadsd

With explorer.exe missing or corrupt that is the reason for the missing Desktop and the inability to open folders.

Do you have the XP Operating System Disk that came with the PC?
Posted Image
Microsoft MVP - Windows Security

#13 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 23 July 2008 - 11:51 PM

No- if I do, do I have to follow a repair thing? I really don't want to waste over 200bucks on that cd x-x

#14 bamajim

bamajim

  • Members
  • 894 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 24 July 2008 - 08:04 AM

weadsd

Maybe we can replace the misssing file.

Where are you running Hijackthis from? What location?
Posted Image
Microsoft MVP - Windows Security

#15 weadsd

weadsd
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:08:48 AM

Posted 24 July 2008 - 10:00 AM

Yeah, that'd be great. :D

What do you mean what location? It's on one of my desktop folders.

Edited by weadsd, 24 July 2008 - 10:01 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users