Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Side Effects Of Glacier


  • Please log in to reply
3 replies to this topic

#1 cautiouz

cautiouz

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:09:07 PM

Posted 03 March 2007 - 09:52 PM

The below logfile is being submitted as a result of my computer losing sound after I thought I removed Glacier. Computer indicates "NO AUDIO DEVICE" but I have the hardware. I attempted to reinstall the drivers (SiS7012) but Windows has not been letting me install. I have ran the programs you suggested prior to submitting this log. Thanks!

I really appreciate the help and I do hope someone is able to give me some kind of recommendation on this issue. thanks again!




Logfile of HijackThis v1.99.1
Scan saved at 9:30:33 PM, on 3/3/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\K.Antrican\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bb.zoomtown.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://bb.zoomtown.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O10 - Unknown file in Winsock LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O15 - Trusted Zone: http://*.fishddl.com
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

BC AdBot (Login to Remove)

 


#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:03:07 AM

Posted 04 March 2007 - 05:05 AM

I don't really understand why you have posted a Hijackthis log. Do you have reason to believe this is a security issue? As far as I can see, this has nothing to do with malware, and the question would better be posted on another part of the board. The log looks clean to me, nothing wrong there at all, though you do need to visit windows update as soon as you can; any reason why your windows isn't up to date? You don't have even ServicePack1 installed! Remember that your system is extremely vulnerable without the necessary security patches/updates, so malware can get installed automatically while surfing without any problems.

Please visit this page and update to Service Pack 1

I recommend that you post your question in the following forum as you will recieve better help there. Let them know you have had your Hijackthis log checked, and it isn't a serious security issue.
Hardware Forum

#3 cautiouz

cautiouz
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:09:07 PM

Posted 05 March 2007 - 08:25 PM

I dont understand why you would say there is nothing there! I cant even install programs on that computer. Additionally, everytime I turn around I have to run several different software to remove trojans that I dont even know how they got there.

I did everything there is.. now Im getting a popup every 45 seconds that rather annoying from a Messenger Service that says my Windows requires immeidate attention.

Since :thumbsup: you guys cant help me resolve this will you please refer me to another forum or something. And thanks for your time; but I really feel that you could at least give me some kind of explanation why this is all happening instead of telling me all i need to do is update windows. I cannot install stuff...

sorry to even have come here
Just disregard this post geezzz
have a great day!!!

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:03:07 AM

Posted 06 March 2007 - 08:52 AM

Hiya cautiouz, I have some issues here before we continue.

From the original post, you stated that you were having problems with some various hardware related problems; then you went on to post a Hijackthis log. You might be under the presumption that Hijackthis works as a general diagnostic tool, which you are partly correct, but it doesn't not help me in any way with the problems you stated; Hijackthis is used to remove viruses/trojans and other malware which is nothing to do with the problem that you stated. Have a look at your original post, and tell me if you agree with what I am saying; if you don't let me know and I'll try and explain in a different way. We have hundreds of logs posted here, and a majority of them are posted without a specific link to malware, so I have to check this out before I help you.

I have a feeling that you think that everything can be fixed with Hijackthis, I analysed the log and I told you it was clean. I don't know whether you read my post all the way through, have another look if you didn't. I redirected you to another part of the forum already, the hardware forum, where I feel you will recieve the best help for the problem you described in the first post. I'm not a genius, I have a specific area I like to help in, and I don't really know much about hardware.

And thanks for your time; but I really feel that you could at least give me some kind of explanation why this is all happening instead of telling me all i need to do is update windows.

I actually think this is an unreasonable comment to make, I did give you further information, I wanted you to post on another forum where you recieve better help. I'm not going to waste any more of my time on this, but I want you to remember one thing - I do this voluntarily, I don't have to do this at all; I think some people forget that from time to time.

Now, you stated a problem in the last post that I can help you with. The Windows "Messenger Service" is being exploited to spray the Internet with unsolicited commercial eMail. The receipt of a single UDP packet can cause a "Messenger Service" dialog to pop-up on the user's screen. It is possible for the sender to "spoof" (falsify) the packet's "Source IP", making these packets impossible to trace back to their origin................

The first thing to understand is that the Windows Messenger Service is completely different from, and not in any way related to, "MSN Messenger", "Windows Messenger", or any other well-known instant messaging system. Therefore, disabling the Windows Messenger service will have no effect upon your use of any other instant messaging applications. They will continue to work without trouble.

To block the spam is to turn off Messenger Service.
Click Start>>Settings>>Control Panel

--Double click Administrative Tools
--Double click Services
--Double click Messenger
--Under Service Status, click Stop
--In the box next to Startup Type, select Disabled
--Click Apply>>OK

Alternatively, you can download a small program that will disable Messenger Service for you Called Shoot The Messenger.
It's available at: http://www.grc.com/stm/shootthemessenger.htm

I do hope your attitude changes somewhat, have a good think about you said in your last reply.
Having completed the above, and then updated Windows, please post back with a new Hijackthis log.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users