
Virusprotect Pro Hijackthis Scan Results...help Wanted


1 reply to this topic

#1 demb07

  • Members
  • 1 posts

Posted 24 July 2007 - 12:56 PM

What should I delete?
(The first columns on the left aren't important)

Index % of PCs with item Code Data
1 0.3% O14 START_PAGE_URL=http://www.sony.com/vaiopeople
2 4.2% O2 AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
3 2.8% O2 SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
4 2.7% O2 Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
5 0.9% O2 Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
6 0.2% O2 scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
7 0.0% O2 AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
8 0.0% O2 Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
9 0.0% O2 (no name) - {D61D7E1A-6613-49CA-B6F9-51DB248E209D} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
10 0.0% O22 convalescently - {cea2e5cd-e849-427b-80f0-59298caef1c4} - C:\WINDOWS\System32\cqsfk.dll
11 10.4% O23 NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
12 9.9% O23 Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13 8.0% O23 InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14 3.4% O23 iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
15 2.3% O23 LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
16 0.9% O23 Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
17 0.8% O23 Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
18 0.8% O23 EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
19 0.8% O23 RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
20 0.7% O23 PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
21 0.7% O23 MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
22 0.5% O23 SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
23 0.3% O23 VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
24 0.3% O23 VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
25 0.3% O23 VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
26 0.3% O23 VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
27 0.2% O23 VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
28 0.2% O23 VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
29 0.2% O23 VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
30 0.2% O23 VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
31 0.2% O23 VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
32 0.2% O23 McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
33 0.2% O23 McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
34 0.2% O23 McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
35 0.2% O23 Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
36 0.1% O23 VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
37 0.1% O23 VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
38 0.0% O23 AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
39 2.7% O3 &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
40 1.0% O3 Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
41 0.0% O3 Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program Files\Video ActiveX Access\iesbpl.dll
42 27.8% O4 [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
43 12.5% O4 [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
44 10.8% O4 [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
45 7.2% O4 [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
46 6.6% O4 Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
47 6.1% O4 [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
48 6.1% O4 [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
49 4.0% O4 [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
50 2.9% O4 [Alcmtr] ALCMTR.EXE
51 2.8% O4 [RTHDCPL] RTHDCPL.EXE
52 1.4% O4 [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
53 1.1% O4 [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
54 0.9% O4 [Apoint] C:\Program Files\Apoint\Apoint.exe
55 0.8% O4 [Persistence] C:\WINDOWS\system32\igfxpers.exe
56 0.7% O4 [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
57 0.5% O4 [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
58 0.4% O4 [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
59 0.3% O4 [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
60 0.3% O4 [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
61 0.3% O4 [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
62 0.2% O4 [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
63 0.2% O4 [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
64 0.2% O4 [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
65 0.2% O4 [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
66 0.2% O4 [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
67 0.2% O4 [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
68 0.2% O4 Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
69 0.1% O4 [rare] C:\Program Files\Video ActiveX Access\imsmain.exe
70 0.1% O4 [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
71 0.1% O4 [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe
72 0.1% O4 Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
73 0.0% O4 [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
74 0.0% O4 [TVTunerLib] C:\Program Files\Common Files\Sony Shared\TVTunerLib\TVTLInstTool.exe
75 0.0% O4 [HostManager] C:\Program Files\Common Files\AOL\1132619981\ee\AOLHostManager.exe
76 0.0% O4 [NI.UGA6P_0001_N111M1707] "C:\documents and settings\ignacio jr\application data\install_en[1].exe" -nag
77 1.0% O8 E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
78 0.0% O8 Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
79 22.3% O9 Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
80 22.0% O9 Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
81 2.6% O9 (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
82 2.2% O9 Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
83 1.1% O9 Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
84 0.0% O9 (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
85 0.0% O9 @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
86 43.3% P01 C:\WINDOWS\Explorer.EXE
87 42.3% P01 C:\WINDOWS\system32\svchost.exe
88 42.3% P01 C:\WINDOWS\system32\lsass.exe
89 42.3% P01 C:\WINDOWS\system32\winlogon.exe
90 42.3% P01 C:\WINDOWS\system32\services.exe
91 42.2% P01 C:\WINDOWS\System32\smss.exe
92 40.6% P01 C:\WINDOWS\system32\spoolsv.exe
93 29.4% P01 C:\WINDOWS\system32\ctfmon.exe
94 7.8% P01 C:\Program Files\QuickTime\qttask.exe
95 7.4% P01 C:\Program Files\Messenger\msmsgs.exe
96 6.5% P01 C:\Program Files\iPod\bin\iPodService.exe
97 6.2% P01 C:\Program Files\iTunes\iTunesHelper.exe
98 6.0% P01 C:\Program Files\Mozilla Firefox\firefox.exe
99 5.6% P01 C:\WINDOWS\System32\hkcmd.exe
100 3.0% P01 C:\WINDOWS\system32\igfxpers.exe
101 2.5% P01 C:\WINDOWS\RTHDCPL.EXE
102 2.4% P01 C:\WINDOWS\system32\LEXBCES.EXE
103 2.3% P01 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
104 2.3% P01 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
105 2.2% P01 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
106 2.2% P01 C:\WINDOWS\system32\lexpps.exe
107 2.0% P01 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
108 1.3% P01 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
109 1.2% P01 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
110 1.0% P01 C:\WINDOWS\System32\wbem\wmiapsrv.exe
111 0.9% P01 C:\Program Files\Apoint\Apntex.exe
112 0.9% P01 C:\Program Files\Apoint\Apoint.exe
113 0.3% P01 C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
114 0.3% P01 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
115 0.2% P01 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
116 0.2% P01 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
117 0.2% P01 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
118 0.2% P01 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
119 0.2% P01 C:\Program Files\MySpace\IM\MySpaceIM.exe
120 0.2% P01 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
121 0.2% P01 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
122 0.2% P01 C:\Program Files\McAfee\Common Framework\FrameworkService.exe
123 0.2% P01 C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
124 0.2% P01 C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
125 0.2% P01 C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
126 0.2% P01 C:\Program Files\McAfee\Common Framework\McTray.exe
127 0.2% P01 C:\Program Files\McAfee\Common Framework\UdaterUI.exe
128 0.1% P01 C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
129 0.1% P01 C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
130 0.1% P01 C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
131 0.1% P01 C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
132 0.1% P01 C:\Program Files\Trend Micro\Tmas\Tmas.exe
133 0.1% P01 C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
134 0.1% P01 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
135 0.0% P01 C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
136 0.0% P01 C:\Program Files\Common Files\AOL\1132619981\ee\AOLHostManager.exe
137 0.0% P01 C:\Program Files\Common Files\AOL\1132619981\ee\AOLServiceHost.exe
138 0.0% P01 C:\RM\HiJackThis.exe
139 1.7% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
140 0.6% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
141 16.2% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
142 15.5% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
143 0.6% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
144 0.4% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
145 0.1% R1 HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
146 0.8% R3 Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
147 0.0% R3 AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll



#2 sjpritch25

  • Security Colleague
  • 903 posts
  • Gender:Male
  • Location:West Coast of Florida, USA

Posted 24 July 2007 - 07:13 PM

Welcome to BC :thumbsup:

What is the log you posted???

Please download HJTInstaller.exe Here
Let it Place Hijackthis in C:\Program Files\Trend Micro\Hijackthis
Let it create a Desktop Icon
Open Hijackthis.exe
Click on Do a System Scan and Save log file
Don't Fix any Items!!!
Just copy and paste the contents of the log file to your reply.


Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
http://siri.geekstogo.com/SmitfraudFix.exe
  • Double-click on SmitfraudFix.exe

  • Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt
  • In your next reply, please post the contents of rapport.txt.
Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "Risk Tool". It's not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm
Microsoft MVP Consumer Security--2007-2010



