Old 05-06-2007, 06:58 AM   #1 (permalink)
Alpha Geek
 
Join Date: Oct 2005
Location: Thane
Posts: 611
Need Help: Plz analyze this Hijackthis log


Hi,
Please analyze this log generated by HijackThis 2 beta.
I think I have some spyware and maybe a virus.

eTrust generated this result. Spybot and Ad-Aware showed none.



config
AMD Athlon XP 1800+
MSI KT4-V mobo
Transcend 1GB DDR400
5200/128MB AGP 8X
Seagate 160GB barracuda
Samsung 80 GB
Lite-ON 20X dvd writer
Samsung 17" 753s

Win XP + SP2
Kaspersky Anti-Virus and Anti-Hacker
Spybot 1.4
Ad-Aware Build1.06r1

installed yesterday
SpywareBlaster
SpywareGuard
eTrust spyware (only scans, does not repair)


The other problem is that when I copy any data to any of my or my friends' USB flash drives, I can copy at max 550 KBps on my PC, while for the same purpose I get 3 MBps on the same drives on other PCs.
But I can read at normal speeds.

Hijackthis ver 2 beta log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 06:36:28, on 05/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HHVcdV7Sys\VC7SecS.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HHVcdV7Sys\VC7Play.exe
C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe
C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Program Files\EnhanceKeyboard\kb_2k.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\KatMouse\KatMouse.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\SpywareGuard\sgbhp.exe
E:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Ashish\LOCALS~1\Temp\_tc\HiJackThis_v2 .exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {343FA0FE-26EE-4BE9-980C-24F5E2D69FE3} - C:\WINDOWS\System32\vbgjbejh.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Internet Security Class - {A75E294E-C047-4D29-B07E-37B792881BEF} - C:\Windows\SecureWin31.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Secure] C:\WINDOWS\WindowsUpdates.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VC7Player] C:\Program Files\HHVcdV7Sys\VC7Play.exe
O4 - HKLM\..\Run: [CaISSDT] "C:\Program Files\CA\eTrust Internet Security Suite\caissdt.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\RunServices: [Msn Messenger] pplzmex.exe
O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - Startup: Shortcut to VisualTaskTips.exe.lnk = C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - Startup: KatMouse.lnk = C:\Program Files\KatMouse\KatMouse.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: enhanced keyboard driver.lnk = C:\Program Files\EnhanceKeyboard\kb_2k.exe
O4 - Global Startup: Kaspersky Anti-Hacker (2).lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\System32\wweb32.dll/lookup.html
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {597F5878-51C6-11D3-B2DF-00C04F79E868} (MPIT List Class) - file://C:\Program Files\Microsoft Interactive Training\O10C\msbslist.cab
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS5\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS6\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS7\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS8\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O17 - HKLM\System\CS9\Services\Tcpip\..\{3D5EAB1D-504F-4628-A103-BBB6C3FF8D29}: NameServer = 172.16.1.1
O20 - Winlogon Notify: nnnkkhe - nnnkkhe.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Net Logon Manager - Unknown owner - C:\WINDOWS\system32\spoolvc.exe (file missing)
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Virtual CD v7 Management Service (VC7SecS) - H+H Software GmbH - C:\Program Files\HHVcdV7Sys\VC7SecS.exe
O23 - Service: Visual Studio Analyzer RPC bridge - Unknown owner - C:\Program Files\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe (file missing)

--
End of file - 9367 bytes




Thanks...
ashnik is offline  

Old 05-06-2007, 06:13 PM   #2 (permalink)
Wise Old Owl
 
piyush gupta's Avatar
 
Join Date: Sep 2005
Location: never land
Posts: 1,284
Re: Need Help: Plz analyze this Hijackthis log

Copy and paste your log file here

http://www.hijackthis.de/


Press Analyze
piyush gupta is offline  
Old 05-06-2007, 08:42 PM   #3 (permalink)
Microsoft MVP
 
Vishal Gupta's Avatar
 
Join Date: Jul 2005
Location: AskVG.com
Posts: 5,173
Re: Need Help: Plz analyze this Hijackthis log

Boot into safe mode and fix these entries:

Code:
E:\totalcmd\TOTALCMD.EXE
O2 - BHO: Internet Security Class - {A75E294E-C047-4D29-B07E-37B792881BEF} - C:\Windows\SecureWin31.dll
O4 - HKLM\..\Run: [Secure] C:\WINDOWS\WindowsUpdates.exe
O4 - HKLM\..\RunServices: [Msn Messenger] pplzmex.exe
O20 - Winlogon Notify: nnnkkhe - nnnkkhe.dll (file missing)
__________________
:arrow: http://www.AskVG.com/
Vishal Gupta is offline  
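
A first-pass triage of a HijackThis log like the one in this thread can be scripted. The following is an added example, not part of the original posts or of HijackThis itself: it parses the `code - details` entry lines and queues entries for manual review. The sample lines are excerpted from the log above; the function names and the three review hints are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Sample input: lines excerpted from the log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.0 (BETA)
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {343FA0FE-26EE-4BE9-980C-24F5E2D69FE3} - C:\WINDOWS\System32\vbgjbejh.dll (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O4 - HKLM\..\Run: [Secure] C:\WINDOWS\WindowsUpdates.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\RunServices: [Msn Messenger] pplzmex.exe
O20 - Winlogon Notify: nnnkkhe - nnnkkhe.dll (file missing)
O23 - Service: Net Logon Manager - Unknown owner - C:\WINDOWS\system32\spoolvc.exe (file missing)
"""

# "<section code> - <details>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# Registry autorun form of an O4 entry: key, [value name], command line
AUTORUN_RE = re.compile(r"^HK(?:LM|CU)\\\.\.\\\w+: \[[^\]]+\] (?P<cmd>.+)$")

def parse_entries(text):
    """Return (section_code, body) pairs; process list and headers are skipped."""
    return [(m["code"], m["body"])
            for m in map(ENTRY_RE.match, map(str.strip, text.splitlines())) if m]

def review_notes(code, body):
    """Hypothetical triage hints for one entry; hints, not verdicts."""
    notes = []
    if body.endswith(("(file missing)", "(no file)")):
        notes.append("target file absent")
    if "(no name)" in body:
        notes.append("unnamed component")
    autorun = AUTORUN_RE.match(body) if code == "O4" else None
    if autorun and "\\" not in autorun["cmd"].split()[0]:
        notes.append("autorun resolved via search path")
    return notes

def triage(text):
    """Group entries that earned at least one note by section code."""
    queue = defaultdict(list)
    for code, body in parse_entries(text):
        notes = review_notes(code, body)
        if notes:
            queue[code].append((body, notes))
    return dict(queue)

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

The hints only build a review queue: the path hint also fires on the `SoundMan` entry, while the `[Secure]` entry listed in the reply above carries a full path and earns no hint, so each queued or unqueued item still needs a manual check of the file itself.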
Old 06-06-2007, 11:45 AM   #4 (permalink)
Alpha Geek
 
Join Date: Oct 2005
Location: Thane
Posts: 611
Re: Need Help: Plz analyze this Hijackthis log

Thanks mate, any spyware / viruses you happen to spot?
ashnik is offline  
Old 06-06-2007, 02:53 PM   #5 (permalink)
Microsoft MVP
 
Vishal Gupta's Avatar
 
Join Date: Jul 2005
Location: AskVG.com
Posts: 5,173
Re: Need Help: Plz analyze this Hijackthis log

Approx. all of those which I mentioned to fix are viruses/spyware.
__________________
:arrow: http://www.AskVG.com/
Vishal Gupta is offline  