Just a HJT Log to check

[Guest andyizcool]

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 18:21:35, on 01/12/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService[Caution: ExecutableFile]

 

 

 

C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\windows\system\hpsysdrv[Caution: ExecutableFile]

 

 

 

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]

 

 

 

C:\HP\KBD\KBD[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\ALCXMNTR[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft AntiSpyware\gcasServ[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: ExecutableFile]

 

 

 

C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

 

 

 

C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft AntiSpyware\gcasDtServ[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wuauclt[Caution: ExecutableFile]

 

 

 

C:\Program Files\HijackThis\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

 

 

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

 

 

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP

 

 

 

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc[Caution: ExecutableFile] -startgui

 

 

 

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM[Caution: ExecutableFile] -startup

 

 

 

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: ExecutableFile]" -start

 

 

 

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background

 

 

 

O4 - HKCU\..\Run: [ctfmon[Caution: ExecutableFile]] C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

 

 

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

 

 

 

O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab

 

 

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

 

 

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile]

 

 

 

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile]

 

 

 

O23 - Service: Belkin 54g Wireless USB Network Adapter (Belkin 54g Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService[Caution: ExecutableFile]

 

 

 

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT[Caution: ExecutableFile]

 

 

 

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc[Caution: ExecutableFile]

 

 

 

 

 

 

 

Nothing wrong with my PC or at least I hope not. I just wanted someone who knows about this type of stuff to check it over. Thanks a lot. :)

[weezcake]

I don't see anything malicious, though I do see this. :)

 

 

 

 

 

 

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

 

 

 

 

 

 

Not sure if this needs fixing or not, but it doesn't look harmful. Wait for a super pro to jump in :)

[jargon]

the file msgrapp.dll belongs to MSN Messenger. It's not a big deal to be missing this file......but if MSN starts acting up...you could do with reinstalling it. It is however a known issue that HijackThis can report this file as missing when it really is not.