Hijackthis Log have I got PROBS?Yor N

  sid 21:21 25 May 04
Locked

Appreciate any help on understanding the results of this log
Do I have problems on my pc?
Not happy with the 016 logs. Look a little dodgy t me but Im not to sure
Thanks for any response.

Logfile of HijackThis v1.97.7
Scan saved at 18:02:38, on 25/05/2004
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MouseWarePro\MWProEng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\Teknum Systems\updsvc.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click here
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by PC Advisor
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [MWProEng] C:\Program Files\MouseWarePro\MWProEng.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O16 - DPF: {10000000-1000-0000-1000-000000000000} -
O16 - DPF: {11111111-1111-1111-1111-111111111157} -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - click here
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - click here

  GANDALF <|:-)> 21:41 25 May 04

The only thing that my beady eye can see is 'C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe', which is not a trojan but is often mistaken for one by many trojan progs...usually gives a false positive. Are you noticing any problems?

G

  Gaz 25 21:43 25 May 04

This one is Downloader.Backdoor:

C:\WINNT\system32\internat.exe

  Gaz 25 21:43 25 May 04

And this one is a spyware component:

C:\Program Files\Common Files\Teknum Systems\updsvc.exe

  Gaz 25 21:47 25 May 04

Run both a virus scan and spyware scan with fully up-to-date definitions.

  GANDALF <|:-)> 21:50 25 May 04

click here internat exe is for your keyboard in order to type the foreign lingo ;-)))

G

  GANDALF <|:-)> 21:52 25 May 04

Steady Gaz 25, you'll have the computer wrecked........The Teknum Systems folder is a hidden folder that sits in Program Files\Common Files, and comes with Handybits programs like EasyCrypto and EasyCrypto for one won't function without it.
It checks for updates of the program at startup...which is why it connects to the net;-))).


G

  GANDALF <|:-)> 21:53 25 May 04

I think that I may have mentioned this in post #1

G

  Gaz 25 22:00 25 May 04

Yes. Internat is for keyboard, but there is also a virus using same filename.

I wasnt suggesting delete it manually, but I would suggest running a virus scan and spyware scan, if that shows up clear then thats fine.

EasyCrypto - I dont use it so I couldnt comment on it really, but I have heard of Teknum systems being spyware related.

  sid 22:38 25 May 04

Thanks guys yes i use easy crypto n dont have a problem with it i was more concerned with the DPF files
O16 - DPF: {11111111-1111-1111-1111-111111111157} -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - click here
are they a problem or not cos Im not 2 sure any comments are well appreciated Thnx again

  sid 22:42 25 May 04

Really meant DPF files
O16 - DPF: {10000000-1000-0000-1000-000000000000} -
O16 - DPF: {11111111-1111-1111-1111-111111111157} - Help!!!
wot are they

This thread is now locked and can not be replied to.

Huawei P10 review

1995-2015: How technology has changed the world in 20 years

An overview: What leading creative agencies are doing to improve diversity

New iPad, iPhone SE & Red iPhone 7 on sale now