Multiple issues

Discussion in 'Virus & Other Malware Removal' started by csice, Jun 25, 2009.

Thread Status:
Not open for further replies.
  1. csice (Thread Starter)
    Joined: Jun 25, 2007
    Messages: 13

    I was recommended by someone else to post my log file here to see if anything out of the ordinary could be spotted.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:55:30 PM, on 6/25/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    D:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\system32\IoctlSvc.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\TVersity\Media Server\MediaServer.exe
    D:\Program Files\Viewpoint\Common\ViewpointService.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\WINDOWS\RTHDCPL.EXE
    D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    D:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    D:\Program Files\Razer\razerhid.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    D:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    D:\Program Files\Razer\razerofa.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    D:\Program Files\TVersity\Media Server\web\admin\TVersity.exe
    D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    D:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    D:\Program Files\uTorrent.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Program Files\AIM6\aim6.exe
    D:\Program Files\AIM6\aolsoftware.exe
    D:\WINDOWS\system32\msiexec.exe
    D:\WINDOWS\explorer.exe
    D:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    D:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
    D:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
    F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [JMB36X IDE Setup] D:\WINDOWS\JM\JMInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] D:\WINDOWS\system32\JMRaidSetup.exe boot
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "D:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    O4 - HKLM\..\Run: [razer] D:\Program Files\Razer\razerhid.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LifeChat] "D:\Program Files\Microsoft LifeChat\LifeChat.exe"
    O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent.exe"
    O4 - HKCU\..\Run: [P2kAutostart] V600
    O4 - S-1-5-18 Startup: TVersity Media Server.lnk = D:\Program Files\TVersity\Media Server\web\admin\TVersity.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: TVersity Media Server.lnk = D:\Program Files\TVersity\Media Server\web\admin\TVersity.exe (User 'Default user')
    O4 - Startup: TVersity Media Server.lnk = D:\Program Files\TVersity\Media Server\web\admin\TVersity.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C9D7D239-B502-48B3-BA25-9DF8C7264073} (CCAWebLogin Control) - https://munacsri.marshall.edu/auth/CCALogin.CAB
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B1BA8AB8-CA76-44DA-B73C-FFB122C452EE}: NameServer = 85.255.112.69,85.255.112.209
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.69,85.255.112.209
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.69,85.255.112.209
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.69,85.255.112.209
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - D:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Eraser Service (EraserSvc10910) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: GAM - Unknown owner - D:\DOCUME~1\CODY~1.COD\LOCALS~1\Temp\GAM.exe
    O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Unknown owner - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - D:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - D:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - D:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    O23 - Service: TVersityMediaServer - Unknown owner - D:\Program Files\TVersity\Media Server\MediaServer.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - D:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

    --
    End of file - 10876 bytes
     