Sponsored By

coriell12277

Hjt Log Please Look Thank You![RESOLVED]

Recommended Posts

an one other thing i cant get rid of all is the tight vnc i went to add remove programs an removed it from there but then said some other stuff i have to remove manualy but when i try to remove it it says it aleady running how do i get around this one cause i dont want it no more ??????????????????///

Share this post


Link to post
Share on other sites

reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).

Then try to delete the folder/files.

-Ryan

Share this post


Link to post
Share on other sites

well i removed it from in safe mode but according to a new hjt log its still there hmmmmmmmmm weired heres a new log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:30:40 PM, on 8/26/2007

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\ZoneLabs\vsmon.exe

C:\WINNT\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\Comodo\CBOClean\BOCORE.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\Explorer.EXE

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Grisoft\AVG7\avgcc.exe

C:\PROGRA~1\Comodo\CBOClean\BOC425.exe

C:\WINNT\StartupMonitor.exe

C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe

C:\Program Files\Trillian Pro\trillian.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Wisdom-soft toolbar - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files\Wisdom-soft\tbWisd.dll

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [AVG7_CC] C:\Program Files\Grisoft\AVG7\avgcc.exe \STARTUP

O4 - HKLM\..\Run: [bOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe

O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')

O4 - Startup: Trillian.lnk = C:\Program Files\Trillian Pro\trillian.exe

O4 - Global Startup: Firefox Preloader.lnk = C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\chris\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk

O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\chris\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187911231519

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187911210589

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--

End of file - 5756 bytes

Share this post


Link to post
Share on other sites

it says cannot find "stop" (or one of its components make sure the path and file name are correct and that all required libraries are avaliable ...................... an then i tryed the sc stop winvnc and said the same thing

Share this post


Link to post
Share on other sites

Paste the following into notepad:

sc stop winvnc >> service.txt
sc delete winvnc >> service.txt
sc stop "VNC Server" >> service.txt
sc delete "VNC Server" >> service.txt
notepad service.txt

Save the file as "delVNC.bat" (include the quotes) to your desktop. Double click the file to run, a black window will flash and then notepad will open with some text inside of it; please post the text that it contains.

-Ryan

Share this post


Link to post
Share on other sites

Paste everything that was in the code box into Notepad. Save the file to your desktop as "delVNC.bat" (the quotes are required.

Now on your desktop, there will be a delVNC.bat icon - it will have a gear on the icon. Double click this icon. A black window will open, and then notepad will open a file names service.txt

Service.txt will have some text in it. Copy and paste that text into a forum post.

-Ryan

Share this post


Link to post
Share on other sites

C:\Documents and Settings\chris\My Documents>sc stop winvnc 1>>service.txt

'sc' is not recognized as an internal or external command,

operable program or batch file.

C:\Documents and Settings\chris\My Documents>sc delete winvnc 1>>service.txt

'sc' is not recognized as an internal or external command,

operable program or batch file.

C:\Documents and Settings\chris\My Documents>sc stop "VNC Server" 1>>service.tx

t

'sc' is not recognized as an internal or external command,

operable program or batch file.

C:\Documents and Settings\chris\My Documents>sc delete "VNC Server" 1>>service.

txt

'sc' is not recognized as an internal or external command,

operable program or batch file.

C:\Documents and Settings\chris\My Documents>notepad service.txt

Share this post


Link to post
Share on other sites

Does notepad open? If not, there should be a service.txt file on your desktop. Please open that file and post the contents of it here.

-Ryan

Share this post


Link to post
Share on other sites

Fix this entry in HJT: O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

Then do the following:

Delete an NT Service

  • Open HiJackThis
  • Click on the "Config..." button on the bottom right
  • Click on the tab "Misc Tools"
  • click on "delete an NT service"
  • Copy and paste this in: winvnc
  • Click "ok", then reboot

Share this post


Link to post
Share on other sites

ok i went to that log on my desk top first of all an i seen the little black box do its thing scanning then diapeared real quick i couldnt see the resaults then i came right back to this post an seen ya next reply about the high jack this ok i did that an i got this >>>>>>>>>>>the service "winvnc" is enabled and or runnng. disable it first using high jack this its self from the scan resaults or the services.msc

Share this post


Link to post
Share on other sites

i looked again an it caused for a reboot so i did an ran hjt again an its still there im stuck on this one im getting upset after doing all this stuff an its still there once i get it removed ill never install it again i only did it to remote to my moms computer an clean hers up you know another remote solution i could use besides vnc ?????????/

Share this post


Link to post
Share on other sites

Logmein.com offers a few solutions. I use the free one to connect to a few computers.

If you were the one that installed the VNC software, then I wouldn't worry about it.

-Ryan

Share this post


Link to post
Share on other sites

yea im the one that installed it i had it on windows me then i got rid of windows me an installed windows 2000 its more stable than me is so i installed winvnc ill look up what you offered logmein.com any steps i need to take or is it bout the same as vnc????????

Share this post


Link to post
Share on other sites

You have to go to each computer to set it up the first time, but after that, its just as simple as going to the site, selecting which computer you want to connect to, and connecting.

-Ryan

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.