Author Topic: cyanide rose's HijackThis log  (Read 4484 times)


Offline cyanide rose

  • Newbie
  • *
  • Posts: 13
Re: cyanide rose's HijackThis log
« Reply #15 on: November 10, 2006, 01:16:19 AM »
Hi SpyDie, sorry for not getting back to you earlier. I have fixed those entries with HijackThis but can't do the online scan because my connection (56k) only works for about half an hour before I start getting cannot find server/page not found errors. I have noticed that sometimes when this half hour is up, the tool bar flickers briefly into what looks like safe mode before flicking back into normal mode. After this, I can't use any of the buttons on the toolbar, including the volume control for the speakers (I get a 'drivers not installed' message or something to that effect).

Offline cyanide rose

  • Newbie
  • *
  • Posts: 13
Re: cyanide rose's HijackThis log
« Reply #16 on: November 10, 2006, 02:21:15 AM »
Sorry, I forgot to add my latest HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 1:16:43 PM, on 11/10/2006
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\irdvxc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
E:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\slrundll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\OzHJT.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://aapt.net.au
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - E:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [iTunesHelper] E:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [RealPlayer] "E:\Program Files\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - E:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - E:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{35367287-C957-459E-B71D-EAAFEB38169B}: NameServer = 203.12.160.35 203.12.160.36
O17 - HKLM\System\CS1\Services\Tcpip\..\{35367287-C957-459E-B71D-EAAFEB38169B}: NameServer = 203.12.160.35 203.12.160.36
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: SmartLinkService (SLService) -   - C:\WINDOWS\SYSTEM32\slserv.exe

Offline SpyDie

  • The Spyware Cooker
  • Administrator
  • Hero Member
  • *****
  • Posts: 2045
    • The LandzDown Forum
Re: cyanide rose's HijackThis log
« Reply #17 on: November 14, 2006, 02:32:50 PM »
Hi,

Sorry I meant to reply to this a while ago.

As to the logfile, it looks fine.

As to the internet, just take a quick look at something for me. Click Start > Control Panel > The 'System' applet. Click the 'Hardware' tab and then click 'Device Manager'. Could you tell me if there are any yellow exclamation marks or red crosses next to any of the devices listed there? If so, what devices are they?
Beta. Software undergoes beta testing shortly before it's released. Beta is Latin for 'still doesn't work.'

Offline cyanide rose

  • Newbie
  • *
  • Posts: 13
Re: cyanide rose's HijackThis log
« Reply #18 on: November 15, 2006, 12:05:24 PM »
Yes I do. Under 'Other Devices', there are three with yellow exclamation marks:

PCI Simple Communications Controller
RAID Controller
Universal Serial Bus (USB) Controller

Thanks again. :)

Offline SpyDie

  • The Spyware Cooker
  • Administrator
  • Hero Member
  • *****
  • Posts: 2045
    • The LandzDown Forum
Re: cyanide rose's HijackThis log
« Reply #19 on: November 20, 2006, 03:07:54 PM »
"PCI Simple Communications Controller" is simply a generic name that Windows uses if it can't recognize a device. It's actually a modem.

Could you download Belarc?

http://www.belarc.com/free_download.html

Install it and it'll make an HTML file with a ton of information about your computer...and it'll load it up when it's finished. You can just copy/paste it all in a post (it'll display fine, well in a legible way anyway) or upload the file it makes. The file it produces will be stored in: C:\Program Files\Belarc\Advisor\System\tmp\

The HTML file will be named [yourusername].html

Offline cyanide rose

  • Newbie
  • *
  • Posts: 13
Re: cyanide rose's HijackThis log
« Reply #20 on: November 22, 2006, 01:09:34 AM »
Ok, here's the analysis:

Operating System
Windows XP Professional (build 2600)

System Model
VIA Technologies, Inc. KT600-8237
Enclosure Type: Desktop

Processor
1.93 gigahertz AMD Athlon XP
128 kilobyte primary memory cache
512 kilobyte secondary memory cache

Main Circuit Board
Board: http://www.abit.com.tw/ KV7(VIA KT600-8237) 1.x
Bus Clock: 166 megahertz
BIOS: Phoenix Technologies, LTD 6.00 PG 09/22/2003

Drives
140.07 Gigabytes Usable Hard Drive Capacity
40.48 Gigabytes Hard Drive Free Space
AXV CD/DVD-ROM SCSI CdRom Device [CD-ROM drive]
LITE-ON LTR-52327S [CD-ROM drive]
3.5" format removeable media [Floppy drive]
SAMSUNG SV2001H [Hard drive] (20.06 GB) -- drive 1
WDC WD1200BB-00DAA3 [Hard drive] (120.03 GB) -- drive 0

Memory Modules
256 Megabytes Installed Memory
Slot 'DIMM1' is Empty
Slot 'DIMM2' is Empty
Slot 'DIMM3' has 256 MB

Local Drive Volumes
c: (NTFS on drive 0) 5.24 GB 1.12 GB free
d: (FAT32 on drive 1) 20.05 GB 13.23 GB free
e: (NTFS on drive 0) 114.78 GB 26.12 GB free

Network Drives
None detected

Users
local user accounts (last logon)
 Administrator 10/24/2006 7:17:28 PM (admin)
 sarah ann 11/22/2006 12:34:30 PM (admin)
local system accounts
 Guest 11/21/2006 11:21:04 PM
 HelpAssistant never
 SUPPORT_388945a0 never

Printers
Canon i320 on USB001
hp deskjet 845c on \\GAMING-BEAST\Printer
hp deskjet 845c on \\STIFLERSMUM\Printer

Controllers
Standard floppy disk controller
Primary IDE Channel [Controller]
Secondary IDE Channel [Controller]
VIA Bus Master IDE Controller

Display
GeCube RADEON 9600 SE Game Buster [Display adapter]
GeCube RADEON 9600 SE Game Buster - Secondary [Display adapter]
HP D5259A [Monitor] (15.7"vis, s/n TT00501179, January 2000)

Bus Adapters
VDEVAX SCSI Controller
VIA Rev 5 or later USB Universal Host Controller (4x)

Multimedia
Unimodem Half-Duplex Audio Device
VIA AC'97 Enhanced Audio Controller (WDM)

Communications
NetComm 56K USB Modem #2
RAS Async Adapter
 IP Address:  203.213.3.188 / 32
 Gateway:  203.213.3.188
 Physical Address:  00:53:45:00:00:00
VIA Compatable Fast Ethernet Adapter
 Physical Address:  00:50:8D:53:EB:D3
Networking Dns Servers:  203.12.160.35, 203.12.160.36

Other Devices
Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Cypress USB Mouse
USB Root Hub (4x)

Virus Protection
No details available

Missing Microsoft Security Hotfixes
These required security hotfixes (using the 11/14/2006 Microsoft Security Bulletin Summary) were not found installed. Note: CIS benchmarks require that Critical and Important severity security hotfixes must be installed.
Q311967 - Unrated
Q313450 - Unrated
Q315000 - Unrated
Q318089 - Unrated
Q318138 - Unrated
Q318202 - Unrated
Q318203 - Unrated
Q323172 - Unrated
Q323255 - Unrated
Q324380 - Moderate
Q326830 - Unrated
Q328310 - Unrated
Q328676 - Unrated
Q328940 - Unrated
Q329048 - Unrated
Q329115 - Unrated
Q329170 - Unrated
Q329390 - Unrated
Q329834 - Critical
Q331953 - Unrated
Q810577 - Unrated
Q810833 - Low
Q814078 - Unrated
Q815021 - Unrated
Q817606 - Unrated
Q823182 - Unrated
Q823353 - Moderate
Q823559 - Unrated
Q823980 - Unrated
Q824105 - Unrated
Q825119 - Unrated
Q828741 - Critical
Q832483 - Important
Q833987 - Critical
Q834707 - Critical
Q837001 - Important
Q839645 - Important
Q840315 - Critical
Q840374 - Important
Q840987 - Critical
Q841356 - Critical
Q841533 - Important
Q841873 - Critical
Q873376 - Critical

Installed Microsoft Hotfixes
Windows XP
    SP1
        KB828035 on 1/10/2004
    SP2
        KB835732 on 1/13/2004
No details available

Software Versions
Adobe Acrobat Reader Version 5.0.5.0
Adobe ImageReady (tm) CS Version 8.0x117
Adobe Photoshop CS CS
Adobe Photoshop Version 6.0
Adobe Systems, Inc. Adobe Gamma Loader Version 1, 0, 0, 1
Ahead software - NeroMIX Version 1, 3, 1, 6
Ahead Software AG Karlsbad Germany Phone: ++49-7248-911-800 Fax: ++49-7248-911-888 e-mail: info@nero.com - LANGUAGE_English2 Version 5, 5, 10, 13
Ahead Software AG - InfoTool Application Version 1, 0, 3, 3
Ahead Software AG - Nero CD Speed Application Version 1, 0, 2, 0
ahead software gmbh, karlsbad - Cover Designer Version 2, 2, 1, 11
Alcohol 120% Version 1.3
Alcohol Soft Co., Ltd. Version 1.3
Alexander Roshal - WinRAR archiver Version 3.51.0.0
America Online, Inc. - AOL Instant Messenger Version 5.1.3036
Apple Computer, Inc. - iTunes Version 4.7.1.30
Apple Computer, Inc. - QuickTime QuickTime 6.5.2
ArcSoft Inc. - PhotoBase Version 3.0.0.106
ArcSoft PhotoStudio Version 5.0.0.53
ATI External Event Utility for WindowsNT and Windows9X Version 6.14.4105.02
ATI Smart Version 5.13.0020
ATI Technologies Inc. - ACE Version 1.0.1698.24173
Belarc, Inc. - Advisor Version 7.2a
Canon BJ Raster Printer Driver Installer Version 1.60.1.6
CANON INC. - CanoScan Toolbox Application Version 4.1.1.0
Cinematronics - 3D Pinball Version 5.1.2600.0
CoffeeCup Free FTP
DivX 6.2.5, DivX Converter 6.2, DivX Player 6.3, DivX Web Player 1.0.0 ([T:DVFC][B:DVFA]) Version 1.0.0.216
DivX Converter Version 6, 2, 0, 52
DivX Player Version 0,0,0,0
DivXNetworks Inc. - Config App. Version 2, 0, 0, 1
DivXNetworks, Inc. - DivX EKG Version 1.0.0.0
Electronic Arts - EasyInfo 2 Version 2,0,2,5
Electronic Arts Inc. - EA Uninstall Version 1.04.00.356
Electronic Arts Inc. - EReg Version 1, 0, 0, 59
Electronic Arts, Inc. - EReg Version 1, 0, 0, 58
Erik Deppe - DriveSpeed Version 1, 6, 1, 0
ewido anti-spyware Version 4, 0, 0, 172
FileZilla Version 2, 2, 17, 100
FreshFTP Version 3.30.0.0
GlobalSCAPE Texas, LP. - CuteFTP Home Version 7.1 Build 06.06.2005.1
Guide
Headlight Software, Inc. - GetRight Version 5.2d
IniCom Networks, Inc. - FlashFXP Version 3.4.0.1145
Inno Setup Version 51.34.0.0
iPod Universal Updater Version 4.1
Jasc Software Inc. - Animation Shop 3 Version 3.02
Jasc Software, Inc. - Paint Shop Pro 7 Version 7.02
Lavasoft Ad-Aware SE VI.Second Edition
LimeWire Version 1, 0, 0, 2
Macromedia Dreamweaver MX Version 6.0.1714
Macromedia Extension Manager Version 1.5.037
Macromedia, Inc. - Director 8 Shockwave Studio Version 8.0
Macromedia, Inc. - Shockwave Flash Version 8,0,22,0
Mat Hoffman's Pro BMX
Maxis, a division of Electronic Arts Inc. - The Sims 2 Body Shop Package Installer Version 1.2.0.312
Maxis, a division of Electronic Arts Inc. - The Sims 2 Body Shop Version 1.0.0.999
Maxis, a division of Electronic Arts Inc. - The Sims 2 Body Shop Version 1.1.0.230
Maxis, a division of Electronic Arts Inc. - The Sims 2 Body Shop Version 1.2.0.312
Maxis, a division of Electronic Arts Inc. - The Sims 2 Nightlife Version 1.2.0.312
Maxis, a division of Electronic Arts Inc. - The Sims 2 University Version 1.1.0.230
Maxis, a division of Electronic Arts Inc. - The Sims 2 Version 1.0.0.999
Microsoft (r) Windows Script Host Version 5.6.0.6626
Microsoft Application Error Reporting Version 10.0.2609
Microsoft Clip Organizer Version 10.0.2625
Microsoft Corporation - Age of Empires II Expansion Version 2.1
Microsoft Corporation - Age of Empires II Version 2.0a
Microsoft Corporation - IMAPI Module Version 1, 0, 0, 2
Microsoft Corporation - Internet Explorer Version 6.00.2600.0000
Microsoft Corporation - Messenger Version 4.7
Microsoft Corporation - Windows Installer - Unicode Version 2.0.2600.0
Microsoft Corporation - Windows Movie Maker Version 1.1.2427.0
Microsoft Corporation - Windows® NetMeeting® Version 3.01
Microsoft Corporation - Zone.com Version 1.2.626.1
Microsoft Games Version 1.0.0.0
Microsoft Office Save My Settings/Profile Wizard Version 10.0.2609
Microsoft Office XP Version 10.0.2627
Microsoft Open Database Connectivity Version 3.520.7713.0
Microsoft Outlook Version 10.0.2627
Microsoft Windows Media Player Version 6.4.09.1120
Microsoft(R) MSN (R) Communications System Version 6.10.0016.1624
Microsoft(R) Windows Media Player Version 10.00.00.3802
MindVision - Installer VISE 2.8.3 Version 2.8.3
Mozilla Corporation - Firefox Version 1.5.0.7
Network helper Service
Nullsoft - Winamp Version 5.03a
OLYMPUS OPTICAL CO.,LTD. - CAMEDIA Master Version 4, 1, 0, 10
RealNetworks, Inc. - RealPlayer (32-bit) Version 0.1.0.3018
RealNetworks, Inc. - RealPlayer (32-bit) Version 6.0.12.857
RealNetworks, Inc. - RealPlayer (32-bit) Version 7.0.0.2400
Safer Networking Limited - Spybot - Search & Destroy Version 1, 4, 0, 3
Safer Networking Limited - SpyBot-S&D Version 1, 4, 0, 3
ScanSoft Inc. - Scanner Wizard Version 3.0.244.0
ScanSoft, Inc - OmniPage SE Version 11.0
Schedule OCR
SmartFTP Client Version 2.0.996.29
Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition 5.0 Update 8 Version 5.0.80.3
System Level Service Utilty Version 2.41.0.1
UI4 Application Version 1, 0, 0, 1
WinRAR.exe
WinZip Version 8.1 (4331)
Wizard Version 1.0.1698.24116
Yahoo! Messenger Version 5, 6, 0, 1358
YSIGet Version 0.99c
µTorrent


Offline cyanide rose

  • Newbie
  • *
  • Posts: 13
Re: cyanide rose's HijackThis log
« Reply #21 on: December 15, 2006, 08:18:04 AM »
Hi, I'm still having the same problem as before and am really at my wits' end with my computer. Is there nothing showing up on that analysis thing I posted?

Offline SpyDie

  • The Spyware Cooker
  • Administrator
  • Hero Member
  • *****
  • Posts: 2045
    • The LandzDown Forum
Re: cyanide rose's HijackThis log
« Reply #22 on: December 15, 2006, 10:10:03 AM »
Sorry, forgot about this topic. Did you get any driver CDs with the computer? Also, if you visit Windows Update does it offer you any driver updates? If it does, it'll list them under "Hardware,optional".

So what are the current problems? Just your 56K internet randomly disconnecting? (Which could be due to the driver problems).