Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » HiJackthis log

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

HiJackthis log

Reply
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 13-02-2007, 01:06 PM
Newbie
D-A-L Newbie
  
Join Date: Feb 2007
Posts: 1
ziemmerman Is a beginner here at D-A-L
HiJackthis log
Hi Guys,

I'm having a lot of problems including lost "run as", control panel, printer panel not accessible etc. Most of it has cleared up after running Spybor, AdAware and sdfix but some things still don't work right. Could you take a look at the Hjackthis log? I noticed a lot of (file missing) but i'm not shure what that means.

Thanks

Sidney

Logfile of HijackThis v1.99.1
Scan saved at 12:46:09, on 13-2-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s mss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\termsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\ismserv.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\r_server.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Rabotwin\RaboComm\RaboCommSrv.exe
C:\Program Files\TapeWare\TWWINSDR.EXE
C:\WINNT\System32\lserver.exe
C:\WINNT\System32\ups.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dns.exe
C:\Program Files\Kerio\MailServer\mailserver.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
c:\program files\kerio\mailserver\plugins\avserver.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
c:\program files\kerio\mailserver\plugins\spamserver.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Kerio\MailServer\MailCtrl.exe
C:\Program Files\Rabo\Support\RaboSessionMon.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKCU\..\Run: [MailCtrl] "C:\Program Files\Kerio\MailServer\MailCtrl.exe"
O4 - Global Startup: Rabo Session Monitor.lnk = C:\Program Files\Rabo\Support\RaboSessionMon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.ntserver\windows\system32\r nr20.dll' missing
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {1FB464C8-09BB-4017-A2F5-EB742F04392F} (Microsoft Terminal Services Control (redist)) - http://ntserver/tsweb/mstscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = happykids.nl
O17 - HKLM\System\CCS\Services\Tcpip\..\{36FCE0E6-6EEA-4441-911C-370FE854EC4B}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCEAE0C7-820D-4CFC-88D2-4F3872A86E62}: NameServer = 192.168.1.1,80.65.96.50,195.86.14.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = happykids.nl
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = happykids.nl
O23 - Service: Alerter - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: ClipBook (ClipSrv) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\c lipsrv.exe (file missing)
O23 - Service: Distributed File System (Dfs) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\D fssvc.exe (file missing)
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: DHCP Server (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\t cpsvcs.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\d madmin.exe (file missing)
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: DNS Server (DNS) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\d ns.exe (file missing)
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: Fax Service (Fax) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\f axsvc.exe (file missing)
O23 - Service: HID Input Service (HidServ) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\h idserv.exe (file missing)
O23 - Service: Intersite Messaging (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\i smserv.exe (file missing)
O23 - Service: Kerberos Key Distribution Center (kdc) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l sass.exe (file missing)
O23 - Service: Kerio MailServer (KerioMailServer) - Kerio Technologies - C:\Program Files\Kerio\MailServer\mailserver.exe
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: License Logging Service (LicenseService) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l lssrv.exe (file missing)
O23 - Service: TCP/IP NetBIOS Helper Service (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Messenger - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Network DDE (NetDDE) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\n etdde.exe (file missing)
O23 - Service: Network DDE DSDM (NetDDEdsdm) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\n etdde.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l sass.exe (file missing)
O23 - Service: Network Connections (Netman) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: File Replication-service (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\n tfrs.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l sass.exe (file missing)
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: IPSEC Policy Agent (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l sass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Routing and Remote Access (RemoteAccess) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Remote Registry Service (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\r egsvc.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l ocator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\Documents.exe (file missing)
O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\r svp.exe (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\l sass.exe (file missing)
O23 - Service: Smart Card Helper (SCardDrv) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\S CardSvr.exe (file missing)
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\S CardSvr.exe (file missing)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\M STask.exe (file missing)
O23 - Service: RunAs Service (seclogon) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s vchost.exe (file missing)
O23 - Service: Internet Connection Sharing (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s poolsv.exe (file missing)
O23 - Service: Rabo Comm Server (Srv_RaboComm) - Rabobank Nederland - C:\Program Files\Rabotwin\RaboComm\RaboCommSrv.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s mlogsvc.exe (file missing)
O23 - Service: TapeWare - Unknown owner - C:\Program Files\TapeWare\TWWINSDR.EXE
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\t ermsrv.exe (file missing)
O23 - Service: Terminal Services Licensing (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\l server.exe (file missing)
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\t lntsvr.exe (file missing)
O23 - Service: Distributed Link Tracking Server (TrkSvr) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s ervices.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\u ps.exe (file missing)
O23 - Service: Utility Manager (UtilMan) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\U tilMan.exe (file missing)
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s ervices.exe (file missing)
O23 - Service: Windows Management Instrumentation (WinMgmt) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\W BEM\WinMgmt.exe (file missing)
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\S ervices.exe (file missing)
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\system32\s vchost.exe (file missing)
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator.NTSERVER\WINDOWS\System32\s vchost.exe (file missing)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 16-02-2007, 05:49 AM
VopThis's Avatar
Senior Member (Canada)
  
Join Date: Nov 2005
Posts: 3,439
VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!VopThis is a D-A-L Rockstar!
Re: HiJackthis log
(file missing) O23 entries are often not actually missing entries but an inability of the HJT tool to do a proper analysis of certain such entries.



Quote:
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.ntserver\windows\system32\r nr20.dll' missing
Need to fix the broken LSP chain:

DownLoad http://www.cexx.org/lspfix.htm

Launch the LSP application, and click the "I know what I'm doing" checkbox.

Move nothing just click Finish.


If still no joy, download and run WinsockXPFix:
http://members.shaw.ca/techcd/WinsockXPFix.exe - Winsock repair utility designed for Windows XP.




POST A REVISED HIJACKTHIS LOG for review:
Reboot and post a new HijackThis log with any feedback as appropriate - how things are now behaving: any new or remaining apparent issues.
__________________
Vincent P

MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis LOG __V2.0.2 _|

__
ASAP: promoting a high standard and quality of security support no matter where you seek help.

Quote:
SAFER SURFING TOOLS (IE/FF **FREE** browser addons):
Linkscanner + WOT (Web of Trust) + SiteAdvisor (suggest at least two but not necessarily all)
Quote:
Tell me and I forget; show me and I remember; involve me and I understand.
There are no foolish questions, the only thing foolish is not asking if you're unsure of something.
Never ASSUME any detail because it can make an ASS out of U and ME... (ASS/U/ME ).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
HijackThis log, PLEASE MAY YOU HELP ME! nancyreb Spyware, Adware, Viruses and HijackThis Logs 1 21-04-2006 12:03 AM
HiJackThis Log (obviously;) Jaywhatever2 Spyware, Adware, Viruses and HijackThis Logs 9 23-11-2005 11:35 AM
hijackthis log. greyishue Spyware, Adware, Viruses and HijackThis Logs 17 20-10-2005 07:09 PM
hijackthis log dwfriedrich Spyware, Adware, Viruses and HijackThis Logs 7 24-09-2005 09:49 PM
hijackthis log DesignLov3 Spyware, Adware, Viruses and HijackThis Logs 7 18-09-2005 09:14 PM


All times are GMT +1. The time now is 04:53 AM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav