the Kaspersky online scanner detected 2 viruses. I couldnt save the report. Then I scanned with NIS 2008 but it doesnt catch anything. I am giving hijackThis log here.
Thank you in advance.
[ After posting, I emptied recycle bin and ran the scan again. This time it says number of viruses 1 and number of infected objects 1. I checked the file symlcsv1.exe and it is a symantec file. So is this a case of false positive? ]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at PM 02:33:26, on 03-04-2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common
Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
C:\Program Files\Lenovo\Client Security
Solution\cssauth.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Diskeeper
Corporation\Diskeeper\DkIcon.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program
Files\Google\GoogleToolbarNotifier\1.2.1128.5462
\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lenovo\Client Security
Solution\tvtpwm_tray.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\EpiValley\TATA Indicom Dialer\TATA
Indicom Dialer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = about:blank
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-
892F-0090271D4F88} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-
9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-
4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-
4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!
\Common\yiesrvc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-
95DAC4DFA408} - C:\Program Files\Common Files\Symantec
Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE
-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1
\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0
\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-
8333-CF10577473F7} - c:\program
files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-
4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live
Toolbar\msntb.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427
-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client
Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17
-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live
Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-
98D2-FFB09D4B49CA} - C:\Program Files\Common
Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:\PROGRA~1\Yahoo!
\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%
\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPFNF7] C:\Program
Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1
\Lenovo\PMDRIV~1\PMHandler.exe
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program
Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32
\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32
\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32
\igfxpers.exe
O4 - HKLM\..\Run: [LenovoOobeOffers]
c:\swtools\LenovoWelcome\LenovoOobeOffers.exe
/filePath="c:\swshare\firstrun.txt"
O4 - HKLM\..\Run: [LenovoRegistration]
C:\SWTOOLS\LenovoWelcome\LenovoRegistration.exe
/inif="C:\SWSHARE\leadertech.ini"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program
Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [AwaySch] C:\Program
Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AMSG] C:\Program
Files\ThinkVantage\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1
\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program
Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program
Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program
Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program
Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common
Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows
Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.1128.5462
\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%
\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]
rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%
\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK
SERVICE')
O8 - Extra context menu item: &Windows Live Search -
res://c:\Program Files\Windows Live
Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-
83BB1906C421} - C:\Program Files\Lenovo\Client Security
Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password
Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} -
C:\Program Files\Lenovo\Client Security
Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.6.0
\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02
-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!
\Common\yiesrvc.dll
O13 - Gopher Prefix:
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE}
(TDServer Control) -
http://www.loksatta.com/daily/dynamic/w ... tdserver.c
ab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
(Installation Support) - C:\Program Files\Yahoo!
\Common\Yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9378FF-3DB9-
417A-8E23-6D802C942EC3}: NameServer = 202.54.29.5
202.54.10.2
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) -
Lenovo - C:\Program
Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) -
Lenovo - C:\Program
Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio
(AgereModemAudio) - Agere Systems - C:\Windows\system32
\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec
Corporation - C:\Program
Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service
(CLTNetCnService) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation
- C:\Program Files\Common Files\Symantec
Shared\VAScanner\comHost.exe
O23 - Service: Diskeeper - Diskeeper Corporation -
C:\Program Files\Diskeeper
Corporation\Diskeeper\DkService.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. -
C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group
Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: LiveUpdate - Symantec Corporation -
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation -
C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe
O23 - Service: PMSveH - Lenovo - C:\Program
Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) -
Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: System Update (SUService) - - c:\Program
Files\Lenovo\System Update\SUService.exe
O23 - Service: Symantec Core LC - Unknown owner -
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. -
C:\Program Files\Common Files\Symantec Shared\Support
Controls\ssrc.exe
O23 - Service: ThinkVantage Registry Monitor Service -
Lenovo Group Limited - C:\Program Files\Common
Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: On Screen Display (TPHKSVC) - Unknown
owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM -
C:\Program Files\Lenovo\Client Security
Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown
owner - C:\Program Files\Lenovo\Rescue and
Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited
- C:\Program Files\Lenovo\Rescue and
Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited -
c:\Program Files\Common
Files\Lenovo\Scheduler\tvtsched.exe
--
End of file - 11543 bytes