TheTechGuide Forum

General Category => Tech Clinic => Topic started by: kfullam on June 22, 2005, 10:34:12 AM

Title: read my hijackthis log??
Post by: kfullam on June 22, 2005, 10:34:12 AM

hello.. i keep getting an error regarding this file at start up
C:\WINDOWS\system32\sysje32.exe

Here is my hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 11:20:27 AM, on 6/22/2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\Symantec\ClientVPN\vpnservices.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Symantec\ClientVPN\logservice.exe
C:\Program Files\Symantec\ClientVPN\emroute.exe
C:\WINDOWS\TEMP\JZE706.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Novatel Wireless\SprintPort\SprintPortA.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Symantec\ClientVPN\nsetup.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
C:\PROGRA~1\WINZIP\wzqkpick.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Administrator.BA-JWOOD\Desktop\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\ejhuz.dll/sp.html#14044
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.44.255.250:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [SprintPort] "C:\Program Files\Novatel Wireless\SprintPort\SprintPortA.exe"
O4 - HKLM\..\Run: [sysej32.exe] C:\WINDOWS\system32\sysej32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Symantec Client VPN.lnk = C:\Program Files\Symantec\ClientVPN\nsetup.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (http://\"http://awbeta.net-nucleus.com\") (HKLM)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - http://rocvirus/officescan/console/ClientI...ll/WinNTChk.cab (http://\"http://rocvirus/officescan/console/ClientInstall/WinNTChk.cab\")
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB (http://\"http://support.dell.com/systemprofiler/SysPro.CAB\")
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - http://rocvirus/officescan/console/ClientI...ll/setupini.cab (http://\"http://rocvirus/officescan/console/ClientInstall/setupini.cab\")
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - http://rocvirus/officescan/console/ClientInstall/setup.cab (http://\"http://rocvirus/officescan/console/ClientInstall/setup.cab\")
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - http://rocvirus/officescan/console/ClientI.../RemoveCtrl.cab (http://\"http://rocvirus/officescan/console/ClientInstall/RemoveCtrl.cab\")
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106148489371 (http://\"http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106148489371\")
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://rocts/tsweb/msrdp.cab (http://\"http://rocts/tsweb/msrdp.cab\")
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://rocvirus/viewer/activeXViewer/activexviewer.cab (http://\"http://rocvirus/viewer/activeXViewer/activexviewer.cab\")
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Symantec Client VPN - Symantec Corporation - C:\Program Files\Symantec\ClientVPN\vpnservices.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

Title: read my hijackthis log??
Post by: kfullam on June 22, 2005, 12:56:07 PM

bump