Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problem With Realplayer


  • Please log in to reply
1 reply to this topic

#1 Voyshick

Voyshick

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:35 AM

Posted 16 May 2007 - 06:28 AM

... after double clicking on the specified clip. weird, isn't it? :/ . additionally, cannot install my vodafone internet card). and i just reinstalled my OS... anyway, here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 12:21:38, on 16/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Programas\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Programas\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programas\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programas\Canon\CAL\CALMAIN.exe
C:\WINDOWS\TEMP\TU2335.EXE
C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programas\Synaptics\SynTP\SynTPLpr.exe
C:\Programas\Synaptics\SynTP\SynTPEnh.exe
C:\Programas\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programas\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programas\TOSHIBA\Controlos TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programas\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programas\Skype\Phone\Skype.exe
C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Programas\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programas\Skype\Plugin Manager\skypePM.exe
C:\Programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Real\RealPlayer\RealPlay.exe
C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe
C:\Documents and Settings\Voytec\Ambiente de trabalho\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?

LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.uminho.pt:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programas\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Tvs] C:\Programas\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Programas\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [PadTouch] C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programas\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programas\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [updateMgr] C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Skype] "C:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: CD do software adicional.lnk = D:\setup.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0

\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

(file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -

https://antivirus.scom.uminho.pt/officescan...ll/WinNTChk.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) -

https://antivirus.scom.uminho.pt/officescan...stall/setup.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) -

https://antivirus.scom.uminho.pt/officescan.../RemoveCtrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHEI~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programas\Canon\CAL\CALMAIN.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programas\Trend Micro\OfficeScan

Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programas\Trend Micro\OfficeScan

Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. -

C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programas\TOSHIBA\TOSHIBA

Applet\TAPPSRV.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programas\Trend Micro\OfficeScan

Client\tmlisten.exe

BC AdBot (Login to Remove)

 


#2 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:12:35 AM

Posted 20 May 2007 - 07:52 PM

Howdy Voyshick,


Welcome to Bleeping Computer. No infection showing here, though looks like using Word Wrap broke the log up some. And of course you don't mention any infection issues as well. The Real Player issue sounds like you are trying to open a type of file it is not associated with, or perhaps do not have the correct codec to run the file. Best bet for both issues for now is to post a new request in the BC All other Applications forum for some solid advice from those folks.
Ad eundum quo no duck ante iit




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users