Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

AIM Spyware or Malware, not sure. Please help. [RESOLVED]

Started by Naumu , Jul 16 2008 06:44 PM

  • This topic is locked This topic is locked

#1
Naumu
Posted 16 July 2008 - 06:44 PM

Naumu

    New Member

  • Member
  • Pip
  • 2 posts
When I log in to AIM it shows me this by my clock - "aim.exe - Corrupt File ~ The file or directory 'C:/Documents and Settings\tommy\Local Settings\Temporary Internet Files\Content.IES\890JG70F\AIM_UAC[1].adp' is corrupt and unreadable. Please run the Chkdsk utility."

I have ran that, but it says it is unable to complete, I suppose due to whatever this thing is. I will post a HijackThis Log, hopefully I don't get in trouble >< and I am sorry if I wasn't supposed to. It also seems that 'scvhost.exe' is running 6 times, with a total amount of 45,000 k of my memory, is this normal?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:52:42 PM, on 7/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\VentSrv\ventrilo_svc.exe
C:\Program Files\VentSrv\ventrilo_srv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe

--
End of file - 2753 bytes

Edited by Naumu, 16 July 2008 - 07:03 PM.

  • 0

Advertisements

#2
greyknight17
Posted 17 July 2008 - 06:40 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Welcome to GTG.

That log looks kind of short. Did you edit anything out?

Did you try uninstalling AIM, clearing your temp folders and reinstalling it? What signs are you having that makes you think it's malware related?
  • 0

#3
Naumu
Posted 18 July 2008 - 02:53 AM

Naumu

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

Welcome to GTG.

That log looks kind of short. Did you edit anything out?

Did you try uninstalling AIM, clearing your temp folders and reinstalling it? What signs are you having that makes you think it's malware related?


I reinstalled AIM, I'm honestly not too keen with computers so I didn't know I was supposed to, and I don't wanna delete something I shouldn't. I showed/asked my friend he said it was Spyware, or Malware ~ Wasn't sure. It's gone now....I think, I had nothing running and no I didn't edit anything at all.
  • 0

#4
greyknight17
Posted 18 July 2008 - 03:36 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
I doubt it was spyware here...probably just AIM being corrupted. Glad you resolved the issue.
  • 0

#5
greyknight17
Posted 18 July 2008 - 03:36 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP