Mine Log

View previous topic View next topic Go down

Solved Mine Log

Post by Nazzgull on 11th August 2008, 1:51 pm

I have error when i restart my computer. He always checking partition D:
Is something wrong here ?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:50:31, on 11.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TP-LINK\TWCU\TWCU.exe
D:\Program Files\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Zango\bin\10.3.74.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.3.74.0\ZangoSA.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Documents and Settings\Plavsic\My Documents\My Pictures\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.74.0\HostIE.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.74.0\HostIE.dll
O4 - HKLM\..\Run: [Ins3DT] F:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [avast!] D:\Program Files\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.74.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.74.0\ZangoSA.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6032 bytes



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Belahzur on 11th August 2008, 2:29 pm

I need more information.
Do you get the error at startup?
What does the error say?

Apart from Zango, which is considered to be adware (popups help pay for it), I see nothing that would cause startup fake alerts/errors.

Please download [You must be registered and logged in to see this link.] and save it to your Desktop.

  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Nazzgull on 11th August 2008, 3:01 pm

This Blue Screen. I leave him to check, when i restart computer,windows do it again, and again.


[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Belahzur on 11th August 2008, 3:15 pm

Ah.
Thanks for the screenshot.

This is probably not malware related.
Try this:
Start > Run
Type in:
sfc /scannow <---- note the spae after c and before /

If it asks for your XP disc, put it in and retry it.

Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Nazzgull on 11th August 2008, 3:22 pm

I'll try. If i still have problem, i'll post. Ty anyway



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Nazzgull on 11th August 2008, 5:49 pm

It work. Where the hell are you learn how to read hijack log and other stuff Big Grin



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Belahzur on 11th August 2008, 5:56 pm

There are many Hijack this schools on the internet. I learnt from the Spywareinfoforum. (spywareinfoforum.com)
As for it working, the chkdsk errors were because legit files were missing/corrupt.
sfc /scannow checks these files (system file checker), if they are found to be bad, it asks for the XP disc and gets a new copy of whatever it wants.
======

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u7-windows-i586-p.exe that you downloaded to install the newest version.

Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Nazzgull on 11th August 2008, 5:59 pm

It's OK , I have Java



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Belahzur on 11th August 2008, 6:03 pm

You have Java 6 update 6.
Newest version is Java 6 update 7.

Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Nazzgull on 11th August 2008, 6:34 pm

I need new one ? Okay, as you say.



Nazzgull
Top Dog
Top Dog

Posts Posts : 2330
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : Windows 7 Professional
Points Points : 40495
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Mine Log

Post by Belahzur on 11th August 2008, 6:40 pm

And if you don't use Shoppingreport and Zango, you should uninstall them too.

Other than that, your good to go. Right On!

Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum