1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijack This log denied access to hosts file

Discussion in 'Virus & Other Malware Removal' started by shjbbk, Dec 16, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. shjbbk

    shjbbk Thread Starter

    Joined:
    Apr 12, 2007
    Messages:
    34
    Hijack This log denied access to hosts file
    Hi,

    Ran a HijackThis scan and it told me it was denied access to the hosts file. Here is the log would appreciate it if someone could look at it for me thanks.

    Running Windows 7 32 bit

    Also having problems updating Malwarebytes not sure if related or not


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:10:35 AM, on 12/6/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
    C:\Program Files\winguard\wgpro7.exe
    C:\Users\DAD\AppData\Local\Facebook\Update\FacebookUpdate.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\DAD\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [cwcptray] C:\Program Files\ContentWatch\Internet Protection\cwtray.exe
    O4 - HKLM\..\Run: [wg] C:\Program Files\winguard\wgpro7.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Users\DAD\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [Facebook Update] "C:\Users\DAD\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\cwalsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: ContentWatch (CwAltaService20) - ContentWatch, Inc. - C:\Program Files\ContentWatch\Internet Protection\cwsvc.exe
    O23 - Service: Firebird Server - LP_SERVER (FirebirdServerLP_SERVER) - Firebird Project - C:\Program Files\LawnPro 4\DB\bin\fbserver.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

    --
    End of file - 7261 bytes
     
  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    Go to Control Panel - User Accounts, then select "Change UAC Settings", then move the slider to "Never Notify", then click OK, then restart the computer.

    HiJackThis will work properly now without displaying that warning message.

    ------------------------------------------------------------

    Start HiJackThis, but don't run a scan.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    ------------------------------------------------------------
     
  3. shjbbk

    shjbbk Thread Starter

    Joined:
    Apr 12, 2007
    Messages:
    34
    Sorry it took me so long to respond, here is the file you requested:


    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.4
    Amazon MP3 Downloader 1.0.12
    Apple Application Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Display Driver
    Audacity 1.3.13 (Unicode)
    AVG 2011
    AVG 2011
    AVG 2011
    Bonjour
    Burger Shop 2(TM)
    Canon MP250 series MP Drivers
    CCScore
    Coupon Printer for Windows
    Cradle of Rome
    D3DX10
    Delicious 2 Deluxe
    Demolition Company Demo
    Download Updater (AOL LLC)
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESShelp
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    essvcpt
    Facebook Video Calling 1.0.0.8953
    FileZilla Client 3.5.0
    Google Chrome
    Google Update Helper
    HiJackThis
    HLPPDOCK
    Java(TM) 6 Update 29
    Junk Mail filter update
    kgcbase
    Kodak EasyShare software
    KSU
    LawnPro 4
    Letters from Nowhere
    Logitech Vid
    Logitech Webcam Software
    Logitech Webcam Software Driver Package
    magicJack Recovery Tool 1.0
    Mahjongg Dimensions Deluxe
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile
    Microsoft Close Combat: A Bridge Too Far
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 6.0.2 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Net Nanny Parental Controls
    Notifier
    OfotoXMI
    OTtBP
    OTtBPSDK
    Pamela Basic 4.7
    QuickTime
    Realtek AC'97 Audio
    RollerCoaster Tycoon
    RollerCoaster Tycoon 3 Platinum
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    SFR
    SHASTA
    SKIN0001
    SKINXSDK
    Skype Click to Call
    Skype™ 5.5
    Skyscraper 2.0 Alpha 7
    staticcr
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    VPRINTOL
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer
    Windows Live Writer Resources
    Windows Movie Maker 2.6
    WinGuard Pro 2011, v7.6.0.3
    WIRELESS
    Wizard101
    Zuma Deluxe
    Zuma's Revenge!(TM) - Adventure
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    You didn't advise why you submitted a HiJackThis log, so I'll reply to you - based on what your logs show.

    Do the following in the order listed.

    -----------------------------------------------

    Go to Control Panel - Programs And Features.

    Uninstall these programs:

    ContentWatch Internet Protection

    WinGuard Pro 2011


    After they've been uninstalled, restart your computer.

    -----------------------------------------------

    Download and SAVE these programs:

    Adobe Flash Player ActiveX 11.1.102.55

    Adobe Flash Player Plugin 11.1.102.55

    Adobe Reader 10.1.1

    Java Runtime Environment 1.6.0.30(6 Update 30)

    Microsoft Silverlight 5.0.61118.0

    Mozilla Firefox 9.0.1

    Skype 5.6.0.110

    SUPERAntiSpyware 5.0.0.1142

    (Note: Click the green icon with white "down" arrow at each site to download them)

    After they've all been downloaded and SAVED, restart your computer.

    -----------------------------------------------

    Click Start - Run, then type in

    %temp%

    and then click OK.

    Click Start - Run, then type in

    c:\windows\temp

    and then click OK.

    Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

    If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

    After you're done, restart your computer.

    -----------------------------------------------

    Install the 8 programs that you previously downloaded and SAVED.

    The first 7 programs will update the older versions in your computer.

    The last program will be used in conjunction with Malwarebytes Anti-Malware 1.51.2.1300(which you already have installed) for combating malware, spyware, rogues, hijackers, etc. in your computer.

    After they've all been installed, restart your computer for the last time.

    -----------------------------------------------

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then copy-and-paste it here.

    -----------------------------------------------
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1031492

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice