Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Yup, Umm...a Log


  • This topic is locked This topic is locked
7 replies to this topic

#1 solodude23

solodude23

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:43 PM

Posted 11 September 2006 - 05:23 PM

Looked up vssms32.exe before I even scanned(google). Its definitely not good, but not sure if thats all I should removesooo..here ya go.

Logfile of HijackThis v1.99.1 
Scan saved at 12:10:59 AM, on 9/10/2006 
Platform: Windows XP SP2 (WinNT 5.01.2600) 
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) 
 
Running processes: 
C:\WINDOWS2\System32\smss.exe 
C:\WINDOWS2\system32\winlogon.exe 
C:\WINDOWS2\system32\services.exe 
C:\WINDOWS2\system32\lsass.exe 
C:\WINDOWS2\system32\Ati2evxx.exe 
C:\WINDOWS2\system32\svchost.exe 
C:\WINDOWS2\System32\svchost.exe 
C:\WINDOWS2\system32\Ati2evxx.exe 
C:\WINDOWS2\system32\spoolsv.exe 
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe 
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe 
C:\WINDOWS2\system32\cisvc.exe 
C:\WINDOWS2\system32\HPZipm12.exe 
C:\WINDOWS2\System32\svchost.exe 
C:\WINDOWS2\Explorer.EXE 
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe 
C:\WINDOWS2\BCMSMMSG.exe 
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe 
C:\WINDOWS2\system32\vssms32.exe 
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE 
C:\WINDOWS2\system32\vssms32.exe 
C:\Program Files\iTunes\iTunesHelper.exe 
C:\Program Files\iPod\bin\iPodService.exe 
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 
C:\Program Files\Mozilla Firefox\firefox.exe 
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe 
C:\Program Files\MSN Messenger\msnmsgr.exe 
C:\WINDOWS2\system32\svchost.exe 
C:\Documents and Settings\Zach.VAUGHT-DELL\Desktop\New Folder\HijackThis.exe 
C:\WINDOWS2\system32\cidaemon.exe 
 
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll 
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe 
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS2\system32\NeroCheck.exe 
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe 
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe 
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [vssms32] C:\WINDOWS2\system32\vssms32.exe 
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" 
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" 
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" 
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll 
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) 
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) 
O15 - Trusted Zone: http://toolbar.imageshack.us 
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll 
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab 
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab 
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab 
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab 
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab 
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab 
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.games.yahoo.com/games/web_games/gamehouse/frenzy/SproutLauncher.cab 
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab 
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL 
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL 
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS2\SYSTEM32\WgaLogon.dll 
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS2\system32\WPDShServiceObj.dll 
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS2\system32\Ati2evxx.exe 
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS2\system32\ati2sgag.exe 
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe 
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe 
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe 
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS2\system32\HPZipm12.exe


BC AdBot (Login to Remove)

 


#2 solodude23

solodude23
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:43 PM

Posted 12 September 2006 - 05:16 PM

Anyone? :thumbsup:

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:05:43 AM

Posted 14 September 2006 - 09:07 AM

Hi,

The forums are really busy, that explains why logs get behind. If you still need some help, please start with posting a new hijackthislog in this thread. Don't start with a new thread.
Then I'll take a look. :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#4 solodude23

solodude23
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:43 PM

Posted 15 September 2006 - 06:33 PM

Yeah I see that, my thread was pushed pages back in a day..hehe. But um, why post a new log?

#5 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:05:43 AM

Posted 16 September 2006 - 12:20 AM

Because when a log is already a couple of days old and things may get changed in it :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#6 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:05:43 AM

Posted 18 September 2006 - 05:11 PM

solodude23, not sure if you still need help or not though, because it's already three days again and you still didn't post a new hijackthislog.
I really want to help you, but as long as you don't give the info I need (a new hijackthislog, since things may get changed in it), I can't give you further steps how to proceed.
I am going to leave this thread open for another couple of days and if I still don't receive a new log, I am assuming that your issue is already resolved and closing this thread.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 solodude23

solodude23
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:43 PM

Posted 23 September 2006 - 02:12 PM

Yeah sorry, uh, everything is taken care of. :thumbsup: Thanks for the help and concern none-the-less! :flowers:

#8 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:05:43 AM

Posted 23 September 2006 - 03:00 PM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users