Suspected Trojan. Programs crashing

Name: CrazyDiamond
Date: April 17, 2009 at 18:48:18 Pacific
OS: Windows XP
CPU/Ram: 2 gigs
Subcategory: Viruses
Comment:

My computer's programs keep crashing.

Here are my virus scanner results (this should help a lot).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:34 PM, on 4/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
c:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\JMRaidTool.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\eMule\emule.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Will's Dojo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.co...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: C:\WINDOWS\system32\jh9fgo4ksdgf.dll - {D7BF4552-94F1-42BD-F434-3604812C856D} - C:\WINDOWS\system32\jh9fgo4ksdgf.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.exe C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear (User '?')
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe" (User '?')
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" (User '?')
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-3993023176-1894927675-2772396615-1005\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (User '?')
O4 - HKUS\S-1-5-18\..\Run: [] C:\WINDOWS\TEMP\h4ryd.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [] C:\WINDOWS\TEMP\h4ryd.exe (User 'Default user')
O4 - Global Startup: NCProTray.lnk = ?
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://crucial.com/controls/cpcScan...
O22 - SharedTaskScheduler: sfdawtawgreage4tregrgae34 - {D7BF4552-94F1-42BD-F434-3604812C856D} - C:\WINDOWS\system32\jh9fgo4ksdgf.dll (file missing)
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - c:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - c:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 8112 bytes


Anyone know what to do?



Response Number 1
Name: jabuck
Date: April 17, 2009 at 18:54:40 Pacific
Reply:

Yes, you are infected.

I wish this forum would allow you to post HijackThis logs without a request, but for now it does not.


0

Response Number 2
Name: CrazyDiamond
Date: April 17, 2009 at 18:56:33 Pacific
Reply:

So you're not going to help?


0

Response Number 3
Name: jabuck
Date: April 17, 2009 at 18:58:52 Pacific
Reply:

You broke the forum rules; we are not supposed to.


0

Response Number 4
Name: CrazyDiamond
Date: April 17, 2009 at 19:00:58 Pacific
Reply:

Could you help me in private messages instead? I'll delete this post if so.


0

Response Number 5
Name: jabuck
Date: April 17, 2009 at 19:05:15 Pacific
Reply:

I don't think you can delete the thread, but if you can, why don't you just delete it and start again without posting a HJT log?

Looks like another workaround would be to start a new thread with a different screen name... wonder if I should have said that?


0
