Solved: kindly check my hjt log please

921 Views 8 Replies 2 Participants Last post by  dvk01
Happy new year to all!

Just checking for issues and vulnerabilities on my pc.

Logfile of HijackThis v1.99.1
Scan saved at 2:32:26 PM, on 1/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125712286294
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} -
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://lycosmail.lycos.com/hanmail-ax/AttachMail.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9169CA32-5F65-46D4-BD7E-CFF498EDFEB0}: NameServer = 202.124.128.2 202.124.128.3
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Derek,

I downloaded the latest Java from that site.
And when I went to secunia.com and ran the inspector, it gave me this:

Sun Java JRE 1.6.x / 6.x is up-to-date. The detected version installed on your system is 6.0.0.105, which either corresponds to or is newer than the latest secure version released by the vendor.

Installed on Your System in:
C:\WINDOWS\system32\java.exe

Are there issues or conflicts?
Thanks Derek,

I'll still update the java as you said, just to be sure.
Done updating Java. My thread is solved!
Status
Not open for further replies.