|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| HijackThis Log Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
Thread Tools |
05-14-2007, 09:58 AM
|
#1 (permalink) |
|
Registered User
Join Date: May 2007
Location: east anglia
Posts: 1
OS: xp
|
DCOM shutdown problem
hi please can someone look at the attached log.
many thanks Logfile of HijackThis v1.99.1 Scan saved at 12:20:51, on 13/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\UAService7.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\systpro32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\Dit.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\HP\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Home Cinema\PowerCinema\PCMService.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\Common Files\SmartCom\RTEGPRS.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\charles\LOCALS~1\Temp\Rar$EX00.547\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll (file missing) O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O1 - Hosts: 127.0.0.3 www.ucleaner.com O1 - Hosts: 127.0.0.3 ucleaner.com O1 - Hosts: 127.0.0.3 www.spywareremovalnews.com O1 - Hosts: 127.0.0.3 spywareremovalnews.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {421AD109-39C2-476E-9181-5F1A4A33C262} - C:\WINDOWS\System32\rqrooli.dll (file missing) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: bho3 Class - {58FB2CBB-C874-45FC-A1C9-B62CC9E3BED9} - C:\Documents and Settings\charles\513102623.dll (file missing) O2 - BHO: (no name) - {615970F6-1FF0-4D76-A0A2-A1847635117B} - C:\WINDOWS\System32\pmnlk.dll (file missing) O2 - BHO: (no name) - {8021D422-CD79-4239-B7D7-0749F463A80d} - C:\WINDOWS\System32\yiqkgnqq.dll (file missing) O2 - BHO: C:\WINDOWS\System32\zch29sr.dll - {8D5849C4-93F3-429D-FF34-260A2068897C} - C:\WINDOWS\System32\zch29sr.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\System32\suqqvofx.dll (file missing) O3 - Toolbar: (no name) - {84938242-5C5B-4A55-B6B9-A1507543B418} - (no file) O3 - Toolbar: (no name) - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [] C:\WINDOWS\Options\OEMReset.exe /Audit O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [WellPhone DirectSync - ScheduleSync] C:\PROGRA~1\WELLPH~1\SCHEDU~1.EXE O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray O4 - HKLM\..\Run: [2chkdsk] rundll32.exe "C:\WINDOWS\System32\dlvjgkld.dll",setvm O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKCU\..\Run: [Pjge] "C:\WINDOWS\system32\?icrosoft.NET\s?oolsv.exe" 99001162 O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Common Files\SmartCom\RTEGPRS.exe" tray O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files...eBHInstall.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{013451C3-184D-4B82-A4DD-11D4143D8F43}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{23587F90-D5AD-49AE-9941-4161AC2DD494}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{48EDB906-A1AD-4A59-BA59-24DE4C073753}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{4B21ABA1-DA53-403B-91CB-CA94599262BE}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{536414FC-97D0-4B6E-9A78-BF06BF268685}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{73FD4D84-74F8-472F-81C1-3CCE6311E90F}: NameServer = 85.255.113.138 85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\..\{E2CE5200-82A7-47DC-9900-0656713FDB98}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.138 85.255.112.171 O17 - HKLM\System\CS1\Services\Tcpip\..\{013451C3-184D-4B82-A4DD-11D4143D8F43}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.138 85.255.112.171 O17 - HKLM\System\CS2\Services\Tcpip\..\{013451C3-184D-4B82-A4DD-11D4143D8F43}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.113.138 85.255.112.171 O17 - HKLM\System\CS3\Services\Tcpip\..\{013451C3-184D-4B82-A4DD-11D4143D8F43}: NameServer = 85.255.113.138,85.255.112.171 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.138 85.255.112.171 O20 - AppInit_DLLs: dxclib303562752.dll O20 - Winlogon Notify: p4reg - p432.dll (file missing) O20 - Winlogon Notify: pmnlk - C:\WINDOWS\System32\pmnlk.dll (file missing) O20 - Winlogon Notify: rqrooli - rqrooli.dll (file missing) O20 - Winlogon Notify: winepi32 - winepi32.dll (file missing) O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\System32\higehsg.dll (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe |
|
     |
|
05-18-2007, 07:58 AM
|
#2 (permalink) |
|
Moderator, Analyst, Security Team ; Rangemaster, TSF Academy
Join Date: Jun 2006
Location: Rhode Island, USA
Posts: 3,252
OS: XP Home SP3, XP MCE SP3, XP Pro SP3
|
Re: DCOM shutdown problem
Hello and welcome to TSF.
 Sorry for the delayed response. If you have not received help elsewhere and still need help, please post a fresh HijackThis log and I'll be happy to assist you.
__________________
My services are free. However, you can donate to TSF to help keep it running and prospering. ASAP  
|
|
|
|
|
| Thread Tools | |
|
|
