[RESOLVED] Please look at my HTJ log file

  1. #1
    Join Date
    Sep 2003
    Location
    Canada
    Posts
    131

    [RESOLVED] Please look at my HTJ log file

    I have done what was requested in Forum rules, and would appreciate someone taking a look at my log file to see if it is now clean. Thanks in advance.

    Logfile of HijackThis v1.99.1
    Scan saved at 9:16:07 AM, on 24/01/2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    E:\Sygate\SPF\smc.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    E:\AVG\avgamsvr.exe
    E:\AVG\avgupsvc.exe
    C:\WINNT\System32\svchost.exe
    E:\ewido anti-malware\ewidoctrl.exe
    E:\ewido anti-malware\ewidoguard.exe
    C:\WINNT\system32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\MsPMSPSv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\inetsrv\inetinfo.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    E:\AVG\avgcc.exe
    E:\AVG\avgemc.exe
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    F:\iTunes\iTunesHelper.exe
    F:\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINNT\system32\internat.exe
    D:\Thunderbird\thunderbird.exe
    E:\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
    E:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ezpost.com/
    O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINNT\system32\HDBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\MSDXM.OCX
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [AVG7_CC] E:\AVG\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] E:\AVG\avgemc.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "F:\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RemoteControl] F:\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [SmcService] E:\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [internat.exe] internat.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINNT\system32\shdocvw.dll
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com...ll/xscan60.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...b?1128775315296
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O20 - AppInit_DLLs: c:\winnt\system32\wmfhotfix.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\AVG\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\AVG\avgupsvc.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: ewido security suite control - ewido networks - E:\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - E:\ewido anti-malware\ewidoguard.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - E:\Sygate\SPF\smc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    Sorry I posted incorrectly in this post:

    http://discussions.virtualdr.com/sho...d.php?t=200540

    That post still does have the one problem left to solve.

    Thanks,

    frums
    Treat people as if they were what they ought to be and you will help them become what they are capable of becoming.

  2. #2
    Join Date
    Jul 1998
    Location
    Hermantown, MN
    Posts
    1,650
    The Internat.exe is one of those files that is supposed to be there, yet it could also be a virus/trojan. Named: Win32.Lydra.a

    Go to http://housecall.antivirus.com using Internet Explorer.

    Another way to test this file is scanning just that file alone at http://virusscan.jotti.org/ The file you want to browse for is C:\WINNT\system32\internat.exe
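
The check described in the reply above, as an added example that is not part of the original thread: a Python sketch that reads a HijackThis log, flags processes that carry a system binary's name but run from another folder, and flags autostart entries that give only a bare system file name. It generalizes the reply's internat.exe case to a few other names; the `EXPECTED_DIR` baseline, the function names and the sample log are assumptions made for illustration.

```python
import ntpath

# Assumed baseline (illustrative, not from the thread apart from internat.exe):
# Windows 2000 system binary name -> the one directory it should run from.
EXPECTED_DIR = {"internat.exe": r"c:\winnt\system32", "svchost.exe": r"c:\winnt\system32",
                "lsass.exe": r"c:\winnt\system32", "explorer.exe": r"c:\winnt"}

# Constructed sample in HijackThis layout. The internat.exe lines match the log
# in the thread; the D:\Temp\svchost.exe line is made up to show a finding.
SAMPLE_LOG = r"""Running processes:
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\svchost.exe
D:\Temp\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\internat.exe

O4 - HKLM\..\Run: [AVG7_CC] E:\AVG\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [internat.exe] internat.exe
"""

def running_processes(log):
    """Paths listed under 'Running processes:' up to the first blank line."""
    paths, inside = [], False
    for line in map(str.strip, log.splitlines()):
        if line.lower() == "running processes:":
            inside = True
        elif inside and not line:
            break
        elif inside:
            paths.append(line)
    return paths

def run_entries(log):
    """(value name, command) for each O4 registry Run line."""
    lines = map(str.strip, log.splitlines())
    return [tuple(l.split("Run: [", 1)[1].partition("] ")[::2])
            for l in lines if l.startswith("O4 - ") and "Run: [" in l]

def triage(log):
    findings = []
    for path in running_processes(log):
        folder, name = ntpath.split(path.lower())
        if name in EXPECTED_DIR and folder != EXPECTED_DIR[name]:
            findings.append(("unexpected-location", path))  # system name, wrong folder
    for _, cmd in run_entries(log):
        # First token is enough here: a bare name has no directory part at all.
        exe = cmd.split('"')[1] if cmd.startswith('"') else (cmd.split() or [""])[0]
        if not ntpath.dirname(exe) and exe.lower() in EXPECTED_DIR:
            # The log cannot show what a bare name resolves to: scan the file itself.
            findings.append(("verify-file", exe))
    return findings
```

A `verify-file` finding is not a detection; it marks an entry, like the `internat.exe` Run value here, where the log cannot settle the question and the file has to be scanned directly.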

  3. #3
    Join Date
    Sep 2003
    Location
    Canada
    Posts
    131

    Resolved Thank you.

    I had done the housecall and panda scans before... everything clean, but re-did the housecall and also the jotti.org scan just now.

    Scans come up clean - no infections.

    Thanks for your time and assistance. It is much appreciated.

    frums

    This thread can now be considered closed.
    Last edited by frums; January 23rd, 2006 at 09:52 PM.
    Treat people as if they were what they ought to be and you will help them become what they are capable of becoming.
