blackcobra Posted September 29, 2006 Report Share Posted September 29, 2006 Today there was power failure and after that when i tried to start the application it showed me an error saying that settings.da file was damanged and recovered successfully. after the application started and computer Freezes with this Message poping outUnable to save the resuming file .Some data might be lost .Another Programm might have teh fileopen , or the disk is full.Please correct this and retry. if u press cancel the data Might be lostI have Disk space of over 25 Gb and th efiles being downloaded are of 7 Gb .Logfile of HijackThis v1.99.1Scan saved at 11:42:52 PM, on 9/29/2006Platform: Windows 2003 SP1 (WinNT 5.02.3790)MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\msdtc.exeC:\WINDOWS\system32\serverappliance\appmgr.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\system32\serverappliance\elementmgr.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Eset\nod32krn.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\OO Software\CleverCache\ooccag.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Raxco\PerfectDisk\PDAgent.exeC:\Program Files\Spyware Doctor\sdhelp.exeC:\Program Files\Sygate\SPF\smc.exeC:\Program Files\Eset\nod32kui.exeC:\Program Files\OO Software\CleverCache\ooccctrl.exeC:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exeC:\WINDOWS\system32\serverappliance\srvcsurg.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\VMware\VMware Workstation\vmware-authd.exeC:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\vmnat.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\mqsvc.exeC:\WINDOWS\system32\vmnetdhcp.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Raxco\PerfectDisk\PDEngine.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\Program Files\Spyware Doctor\swdoctor.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\Internet Download Manager\IDMan.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\WinRAR\WinRAR.exeC:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.750\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htmR1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahomail.comO2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dllO2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dllO2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dllO4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dllO4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startguiO4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktrayO4 - HKLM\..\Run: [QuickFinder Scheduler] "D:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE"O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exeO8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htmO8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htmO8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htmO8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Open with WordPerfect - D:\Program Files\WordPerfect Office X3\Programs\WPLauncher.htaO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLLO9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{EF20AA68-F570-40D4-876A-236CA07F2F06}: NameServer = 10.10.29.1,202.65.128.251O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exeO23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exeO23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exeO23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exeO23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exeO23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exeO23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exeO23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exeO23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.