Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93099 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

SMB locator service failed: code 1060


  • Please log in to reply
5 replies to this topic

#1 AlexC

AlexC

    New Member

  • Authentic Member
  • Pip
  • 8 posts

Posted 06 June 2006 - 05:36 PM

I'm in the process of cleaning up my Windows 2003 server which I use for speech recognition applications.
It was spewing out garbage on port 135, according to my ISP. I've run Sophos, Trend Micro and removed javast.eve, cftmon.exe. HKTL_Hideware.a and HKTL_Pwdump.c were detected as well and presumably fixed.
Eventvwr log was indicating unauthorized visitors on vnc4 (which I use frequently and need). At this stage, when I reboot I consistently get this err msg: The SMB Locator service failed to start due to the following error: The system cannot find the file specified. ? because the corrupted javast.exe was nuked??
I'm an inch away from taking the machine down to the bone but thought I'd see what the gurus had to say first.

Two logs included here: 1.99.1 and 1.98.2

Grateful for any suggestion/analysis.

AlexC

Logfile of HijackThis v1.99.1
Scan saved at 3:58:06 PM, on 6/6/2006
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DIALOGIC\OOC\BIN\NTEVEN~1.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\Dialogic\bin\IPMedia.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\PROGRA~1\DIALOGIC\OOC\BIN\NTNAME~1.EXE
C:\PROGRA~1\Pronexus\VBSalt\NLOGSE~1.EXE
c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailSoap.exe
C:\PROGRA~1\Pronexus\VBSalt\VBVARB~1.EXE
c:\program files\microsoft enterprise instrumentation\bin\trace service\tracesessionmanager.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailCsta.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailTimCall.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\tmp\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [tcp / ip services] sethcs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1124141515906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1133913138578
O17 - HKLM\System\CCS\Services\Tcpip\..\{325BB0E8-D10E-4AED-A6F5-E026ABFDB0F5}: NameServer = 207.115.64.2,207.115.64.3
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter: text/salt+html - {407AADC1-FF74-4885-AB6D-67AF452F531A} - C:\Program Files\Microsoft Speech Application SDK 1.1\Client\SaltFilter.dll
O18 - Filter: text/salt+html; charset=utf-8 - {407AADC1-FF74-4885-AB6D-67AF452F531A} - C:\Program Files\Microsoft Speech Application SDK 1.1\Client\SaltFilter.dll
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AnmChannelFactoryServer - Dialogic Corporation - C:\PROGRA~1\DIALOGIC\BIN\ANMCHANNELFACTORYSERVER.exe
O23 - Service: AnmChannelServer - Dialogic Corporation - C:\PROGRA~1\DIALOGIC\BIN\ANMCHANNELSERVER.exe
O23 - Service: AnmLoggerServer - Dialogic Corporation - C:\PROGRA~1\DIALOGIC\BIN\ANMLOGGERSERVER.exe
O23 - Service: AnmSupplierServer - Dialogic Corporation - C:\PROGRA~1\DIALOGIC\BIN\ANMSUPPLIERSERVER.exe
O23 - Service: CT Bus Broker (CTBusBroker) - Dialogic Corporation - C:\PROGRA~1\Dialogic\bin\ctbbserv.exe
O23 - Service: Dialogic System Service (Dialogic) - Dialogic Corporation - C:\PROGRA~1\Dialogic\bin\dlgc_srv.exe
O23 - Service: Dialogic SS7 Service (DlgcS7Srv) - Intel Corporation - C:\PROGRA~1\Dialogic\bin\DlgcS7Srv.exe
O23 - Service: ORBacus Event Service (EventService) - Unknown owner - C:\PROGRA~1\DIALOGIC\OOC\BIN\NTEVEN~1.EXE
O23 - Service: IPLink Media Service (IPMedia) - Intel Corporation - C:\PROGRA~1\Dialogic\bin\IPMedia.exe
O23 - Service: ORBacus Naming Service (NamingService) - Unknown owner - C:\PROGRA~1\DIALOGIC\OOC\BIN\NTNAME~1.EXE
O23 - Service: SMB Locator (NBTHLP) - Unknown owner - C:\WINDOWS\system32\javast.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NLogServer - Pronexus Inc. - C:\PROGRA~1\Pronexus\VBSalt\NLOGSE~1.EXE
O23 - Service: Paraxip Gateway - Unknown owner - C:\Program Files\Paraxip Gateway\bin\paraxip-gateway.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos plc - c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos plc - c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos plc - c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Speechify Voice - US English, Jill, 8kHz (SpfyJill8) - Unknown owner - C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\bin\SpfyJill8.exe" --service --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\config\SWIttsConfig.xml" --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\en-US\jill\jill8.xml" --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\en-US\jill\Ojill8.xml (file missing)
O23 - Service: Speechify Voice - US English, Tom, 8kHz (SpfyTom8) - Unknown owner - C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\bin\SpfyTom8.exe" --service --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\config\SWIttsConfig.xml" --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\en-US\tom\tom8.xml" --config "C:\Program Files\Common Files\SpeechEngines\ScanSoft\Speechify\en-US\tom\Otom8.xml (file missing)
O23 - Service: VailSIPTIMCSTA - Vail Systems, Inc. - C:\Program Files\Vail\Telephony Interface Manager\\bin\VailCsta.exe
O23 - Service: VailSIPTIMSoap - Vail Systems, Inc. - C:\Program Files\Vail\Telephony Interface Manager\\bin\VailSoap.exe
O23 - Service: VailTimCall - Vail Systems, Inc. - C:\Program Files\Vail\Telephony Interface Manager\bin\VailTimCall.exe
O23 - Service: VailTimCallManager - Vail Systems, Inc. - C:\Program Files\Vail\Telephony Interface Manager\bin\VailTimCallManager.exe
O23 - Service: VBVArbiter - Pronexus Inc. - C:\PROGRA~1\Pronexus\VBSalt\VBVARB~1.EXE
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

and the 1.98.2

Logfile of HijackThis v1.98.2
Scan saved at 4:06:24 PM, on 6/6/2006
Platform: Unknown Windows (WinNT 5.02.3790 SP1)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\DIALOGIC\OOC\BIN\NTEVEN~1.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\PROGRA~1\Dialogic\bin\IPMedia.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\PROGRA~1\DIALOGIC\OOC\BIN\NTNAME~1.EXE
C:\PROGRA~1\Pronexus\VBSalt\NLOGSE~1.EXE
c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
c:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailSoap.exe
C:\PROGRA~1\Pronexus\VBSalt\VBVARB~1.EXE
c:\program files\microsoft enterprise instrumentation\bin\trace service\tracesessionmanager.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailCsta.exe
C:\Program Files\Vail\Telephony Interface Manager\bin\VailTimCall.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\soundman.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\tmp\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [tcp / ip services] sethcs.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1124141515906
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1133913138578
O17 - HKLM\System\CCS\Services\Tcpip\..\{325BB0E8-D10E-4AED-A6F5-E026ABFDB0F5}: NameServer = 207.115.64.2,207.115.64.3
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter: text/salt+html - {407AADC1-FF74-4885-AB6D-67AF452F531A} - C:\Program Files\Microsoft Speech Application SDK 1.1\Client\SaltFilter.dll
O18 - Filter: text/salt+html; charset=utf-8 - {407AADC1-FF74-4885-AB6D-67AF452F531A} - C:\Program Files\Microsoft Speech Application SDK 1.1\Client\SaltFilter.dll

    Advertisements

Register to Remove


#2 Micah_6:8

Micah_6:8

    Evilware Emancipator

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,060 posts
  • Interests:Web (Perl, PHP, JavaScript, HTML) programming, CNC programming, Squashing spyware!

Posted 06 June 2006 - 10:07 PM

Welcome to the forum :wavey:

You get the error because the machine is still trying to run the service with one of the files you nuked:

O23 - Service: SMB Locator (NBTHLP) - Unknown owner - C:\WINDOWS\system32\javast.exe (file missing)

If that file truly is missing, you can safely remove that service, and the error at bootup will disappear.

Pull up a DOS window.

In that window type these commands, ONE AT A TIME.

sc stop NBTHLP[enter]
sc delete NBTHLP[enter]


Thats:
sc[space]stop[space]NBTHLP[enter]
sc[space]delete[space]NBTHLP[enter]


Then reboot.

This looks "fishy" to me:

O4 - HKLM\..\Run: [tcp / ip services] sethcs.exe

Does that look "familiar" to you?
:unsure:
Micah 6:8 He hath shewed thee, O man, what is good; and what doth the LORD require of thee, but to do justly, and to love mercy, and to walk humbly with thy God?

The help you receive here is free.
If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

Download Hijack This! My Website: UnSpyMe!

#3 AlexC

AlexC

    New Member

  • Authentic Member
  • Pip
  • 8 posts

Posted 07 June 2006 - 02:30 PM

Didn't see my prev posts in reply to Micah's post so here's a quick recap: 1. no javast.exe found (it had been nuked) 2. removing service went smoothly (sc.exe) 3. reboot showed no further evidence of SMB locator service err msg. 4. Grep on NBTHLP reveals that this is a true nasty. Many many thanks, Micah.

#4 Micah_6:8

Micah_6:8

    Evilware Emancipator

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,060 posts
  • Interests:Web (Perl, PHP, JavaScript, HTML) programming, CNC programming, Squashing spyware!

Posted 07 June 2006 - 02:42 PM

I'm glad we could be of assistance.

Thank you for using the forum.

M68 :)

Post Infection Items To Ponder
Micah 6:8 He hath shewed thee, O man, what is good; and what doth the LORD require of thee, but to do justly, and to love mercy, and to walk humbly with thy God?

The help you receive here is free.
If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

Download Hijack This! My Website: UnSpyMe!

#5 Micah_6:8

Micah_6:8

    Evilware Emancipator

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,060 posts
  • Interests:Web (Perl, PHP, JavaScript, HTML) programming, CNC programming, Squashing spyware!

Posted 08 June 2006 - 05:40 PM

You should pobably "fix" this with HijackThis!

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

Then reboot.

It is is spyware that basically collects information from your PC and sends it to Realtek.

Your Java need updated:

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

The latest version out is jre1.5.0_07

After you update, you must remove old Java versions via "Add/Remove Programs".

:) :thumbup:
Micah 6:8 He hath shewed thee, O man, what is good; and what doth the LORD require of thee, but to do justly, and to love mercy, and to walk humbly with thy God?

The help you receive here is free.
If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

Download Hijack This! My Website: UnSpyMe!

#6 Micah_6:8

Micah_6:8

    Evilware Emancipator

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,060 posts
  • Interests:Web (Perl, PHP, JavaScript, HTML) programming, CNC programming, Squashing spyware!

Posted 08 June 2006 - 05:40 PM

This topic is now closed.

If you need this topic reopened, please request this by sending an email to us at the following link

(Click for address)
Include your post user name and detail why you need it reopened with a valid link to your post.
Any bad links or emails that are not from the original poster will be deleted without response.
Any emails without the subject "Reopen" will be deleted without being looked at.

If this is not your thread please start a New Topic.

Micah 6:8 He hath shewed thee, O man, what is good; and what doth the LORD require of thee, but to do justly, and to love mercy, and to walk humbly with thy God?

The help you receive here is free.
If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

Download Hijack This! My Website: UnSpyMe!

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users