CNY Cleaning: HJT Log incl.

Discussion in 'Virus & Other Malware Removal' started by LadyDragon, Jan 27, 2007.

Thread Status:
Not open for further replies.
  1. LadyDragon

    LadyDragon Thread Starter

    Joined:
    Mar 25, 2004
    Messages:
    114
    Similar to the "Spring Cleaning" phenomenon (that ain't) in the USA, in Asia when Chinese New Year looms everyone begins a massive clean-up. And I mean EVERYONE. So, since I am rather anti-housework, I decided that my bit will be to "clean up" my crowded computer.

    Also it has been lagging a bit long recently.

    First I ran CWShredder but no hits there (y)

    Here is the HJT log. I would appreciate feedback on this as I know how to run it but do not know enough about computers to feel comfortable attacking any of these problems on my own.:eek:

    Additional suggestions on how to "clean up" further would be welcome.

    Happy Chinese New Year (Feb 17th-Feb 24th) to you all. Welcome the year of the PIG.:D

    Logfile of HijackThis v1.99.1
    Scan saved at 8:03:24 PM, on 1/27/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00

    (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows

    Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4

    \aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4

    \ashServ.exe
    C:\Program Files\Common Files\Microsoft

    Shared\VS7Debug\mdm.exe
    C:\Program Files\Common Files\Symantec

    Shared\SNDSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sony\VAIO Media

    Integrated Server\VMISrv.exe
    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VCSW\VCSW.exe
    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VzCdb\VzFw.exe
    C:\Program Files\Sony\VAIO Media

    Integrated Server\Platform\SV_Httpd.exe
    C:\Program Files\Sony\VAIO Media

    Integrated

    Server\Platform\UPnPFramework.exe
    C:\Program Files\Alwil Software\Avast4

    \ashMaiSv.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Alwil Software\Avast4

    \ashWebSv.exe
    C:\Program Files\Sony\HotKey

    Utility\HKserv.exe
    C:\Program Files\Sony\VAIO Media

    Integrated Server\Platform\VMConsole.exe
    C:\Program Files\Common

    Files\Real\Update_OB\realsched.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Sony\HotKey

    Utility\HKWnd.exe
    C:\Program Files\Windows

    Defender\MSASCui.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program

    Files\WallpaperToy\Wallpapertoy.Exe
    C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn0

    \YTBSDK.exe
    C:\Documents and Settings\Dawnine Clews\My

    Documents\My Security

    Concerns\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Start Page =

    http://www.thebreastcancersite.com/
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Default_Page_URL =

    http://go.microsoft.com/fwlink/?

    LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Default_Search_URL =

    http://go.microsoft.com/fwlink/?

    LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?

    LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Start Page =

    http://go.microsoft.com/fwlink/?

    LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet

    Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet

    Explorer\Main,Local Page =
    R3 - URLSearchHook: Yahoo! Toolbar -

    {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

    C:\Program Files\Yahoo!

    \Companion\Installs\cpn0\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper -

    {02478D38-C3F9-4EFB-9B51-7695ECA05670} -

    C:\Program Files\Yahoo!

    \Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper -

    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

    C:\Program Files\Adobe\Acrobat 7.0

    \ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper -

    {AA58ED58-01DD-4d91-8333-CF10577473F7} -

    c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-

    C1FB-11D2-892F-0090271D4F88} - C:\Program

    Files\Yahoo!\Companion\Installs\cpn0

    \yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-

    11d4-9B18-009027A5CD4F} - c:\program

    files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [Apoint] C:\Program

    Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [CreateCD_Reminder]

    C:\WINDOWS\Sonysys\VAIO

    Recovery\reminder.exe
    O4 - HKLM\..\Run: [VAIO Recovery]

    C:\WINDOWS\Sonysys\VAIO

    Recovery\PartSeal.exe
    O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program

    Files\Sony\HotKey Utility\HKserv.exe
    O4 - HKLM\..\Run: [VMConsole.exe]

    C:\Program Files\Sony\VAIO Media

    Integrated Server\Platform\VMConsole.exe

    /windowmin
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program

    Files\Common

    Files\Real\Update_OB\realsched.exe" -

    osboot
    O4 - HKLM\..\Run: [QuickTime Task]

    "C:\Program Files\QuickTime\qttask.exe" -

    atboottime
    O4 - HKLM\..\Run: [Windows Defender]

    "C:\Program Files\Windows

    Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1

    \ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe]

    C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: Wallpaper Changer.lnk =

    C:\Program

    Files\WallpaperToy\Wallpapertoy.Exe
    O8 - Extra context menu item: E&xport to

    Microsoft Excel - res://C:\PROGRA~1

    \MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-

    4FCB-11CF-AAA5-00401C608501} - C:\Program

    Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra 'Tools' menuitem: Sun Java

    Console - {08B0E5C0-4FCB-11CF-AAA5-

    00401C608501} - C:\Program

    Files\Java\jre1.5.0\bin\npjpi150.dll
    O9 - Extra button: Baggle - {6C655F77-

    6FE0-4771-BD0A-F41F5A8F916B} - C:\Program

    Files\Baggle\Baggle\getImageText.dll
    O9 - Extra 'Tools' menuitem: Baggle -

    {6C655F77-6FE0-4771-BD0A-F41F5A8F916B} -

    C:\Program

    Files\Baggle\Baggle\getImageText.dll
    O9 - Extra button: (no name) - {e2e2dd38-

    d088-4134-82b7-f2ba38496583} - %windir%

    \Network Diagnostic\xpnetdiag.exe (file

    missing)
    O9 - Extra 'Tools' menuitem:

    @xpsp3res.dll,-20001 - {e2e2dd38-d088-

    4134-82b7-f2ba38496583} - %windir%\Network

    Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-

    F110-11d2-BB9E-00C04F795683} - C:\Program

    Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows

    Messenger - {FB5F1910-F110-11d2-BB9E-

    00C04F795683} - C:\Program

    Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL]

    International*
    O14 - IERESET.INF:

    START_PAGE_URL=http://www.sony.com/vaiopeo

    ple
    O16 - DPF: YExplorer1_8US.CAB -

    http://photos.groups.yahoo.com/ocx/us/yexp

    lorer1_8us.cab
    O16 - DPF: {17492023-C23A-453E-A040-

    C7C580BBF700} (Windows Genuine Advantage

    Validation Tool) -

    http://go.microsoft.com/fwlink/?

    linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-

    2D05CB959537} (MSN Photo Upload Tool) -

    http://groups.msn.com/controls/PhotoUC/Msn

    PUpld.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-

    5009F29E09E1} (ActiveScan Installer Class)

    -

    http://acs.pandasoftware.com/activescan/as

    5free/asinst.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-

    73DB16A1543A} -

    http://download.games.yahoo.com/games/web_

    games/popcap/bejeweled2/popcaploader_v6.ca

    b
    O20 - Winlogon Notify: WgaLogon -

    C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-

    9A4C-45B0-95D7-94D524869DB5} -

    C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control

    Service (aswUpdSv) - Unknown owner -

    C:\Program Files\Alwil Software\Avast4

    \aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown

    owner - C:\Program Files\Alwil

    Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner -

    Unknown owner - C:\Program Files\Alwil

    Software\Avast4\ashMaiSv.exe" /service

    (file missing)
    O23 - Service: avast! Web Scanner -

    Unknown owner - C:\Program Files\Alwil

    Software\Avast4\ashWebSv.exe" /service

    (file missing)
    O23 - Service: InstallDriver Table Manager

    (IDriverT) - Macrovision Corporation -

    C:\Program Files\Common

    Files\InstallShield\Driver\1050\Intel 32

    \IDriverT.exe
    O23 - Service: Pml Driver HPZ12 - HP -

    C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Symantec Network Drivers

    Service (SNDSrvc) - Symantec Corporation -

    C:\Program Files\Common Files\Symantec

    Shared\SNDSrvc.exe
    O23 - Service: VAIO Entertainment

    Aggregation and Control Service - Sony

    Corporation - C:\Program Files\Common

    Files\Sony Shared\VAIO

    Entertainment\VzRs\VzRs.exe
    O23 - Service: VAIO Entertainment Task

    Scheduler - Sony Corporation - C:\Program

    Files\Sony\vaio

    entertainment\VzTaskScheduler.exe
    O23 - Service: VAIO Entertainment TV

    Device Arbitration Service - Sony

    Corporation - C:\Program Files\Common

    Files\Sony Shared\VAIO Entertainment

    Platform\VzCs\VzHardwareResourceManager\Vz

    HardwareResourceManager.exe
    O23 - Service: VAIO Media Integrated

    Server (VAIOMediaPlatform-

    IntegratedServer-AppServer) - Sony

    Corporation - C:\Program Files\Sony\VAIO

    Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated

    Server (HTTP) (VAIOMediaPlatform-

    IntegratedServer-HTTP) - Unknown owner -

    C:\Program Files\Sony\VAIO Media

    Integrated Server\Platform\SV_Httpd.exe"

    /Service=VAIOMediaPlatform-

    IntegratedServer-HTTP

    /RegRoot="SOFTWARE\Sony Corporation\VAIO

    Media Platform\2.0"

    /RegExt="Applications\IntegratedServer\HTT

    P (file missing)
    O23 - Service: VAIO Media Integrated

    Server (UPnP) (VAIOMediaPlatform-

    IntegratedServer-UPnP) - Sony Corporation

    - C:\Program Files\Sony\VAIO Media

    Integrated

    Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server

    (VAIOMediaPlatform-Mobile-Gateway) -

    Unknown owner - C:\Program Files\Sony\VAIO

    Media Integrated

    Server\Platform\VmGateway.exe"

    /Service=VAIOMediaPlatform-Mobile-Gateway

    /RegRoot="SOFTWARE\Sony Corporation\VAIO

    Media Platform\2.0"

    /RegExt="\Addons\Packages\Mobile\Gateway"

    /DisplayName="VAIO Media Gateway Server

    (file missing)
    O23 - Service: VAIO Media Video Server

    (VAIOMediaPlatform-VideoServer-AppServer)

    - Unknown owner - C:\Program

    Files\Sony\VAIO Media Integrated

    Server\Video\GPVSvr.exe"

    /Service=VAIOMediaPlatform-VideoServer-

    AppServer /DisplayName="VAIO Media Video

    Server (file missing)
    O23 - Service: VAIO Media Video Server

    (UPnP) (VAIOMediaPlatform-VideoServer-

    UPnP) - Sony Corporation - C:\Program

    Files\Sony\VAIO Media Integrated

    Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Entertainment UPnP

    Client Adapter (Vcsw) - Sony Corporation -

    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database

    Service (VzCdbSvc) - Sony Corporation -

    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File

    Import Service (VzFw) - Sony Corporation -

    C:\Program Files\Common Files\Sony

    Shared\VAIO Entertainment

    Platform\VzCdb\VzFw.exe
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    The Hijack This log is hard to read.
    Please rescan with Hijack This.
    When the log opens in Notepad, go to Format and select Wordwrap.
    Then copy and paste the log here.
     

Short URL to this thread: https://techguy.org/538763
