HijackThis Log: Need a little Help

Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\conime.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Files\Utilitys\HiJackThis.exe
C:\Program Files\Notepad++\notepad++.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll RemoveFocusRect.dll

--
End of file - 889 bytes

i had an issue uninstalling java, reinstalling an updated version days ago, i think i managed to clean it up but it left two helper objects in IE, one was enabled (the one listed) and another ... i just figured i'd remove, why would their be two of the same helper directed at the same .dll file?

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll < removed, can be restored
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll



is the '2' there because during install, it couldn't overwrite a dll that had not been removed during previous uninstall?

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll RemoveFocusRect.dll

^ is this safe to remove, it belongs with avg, i guess part of its search shield, although i no longer see search shield as even an option in the most recent AVG, they might of removed it, they did have issues with this feature, huge backlash against it, latest updates may of removed the option from the software but left traces.

i'd also like to know how i'd get rid of the C:\Windows\system32\conime.exe process, i tried uninstalling all language files, and making sure the regional settings were correct, but the process won't seem to go away.

other than that, i think my setup is good =]
thanks in advance

 

bump, can anyone help?

 

avgrsstx.dll is the resident shield starter - the resident shield is one of the essential parts of the antivirus.

search shield is a part of LinkScanner, it was never removed from the 8.0 version (it's included also in the free edition).

regarding the HJT log, maybe it would be worth of posting it to the HJT forum:
http://forum.hijackthis.de/forumdisplay.php?f=10
also make sure that the log is complete before you post it there - the one above is not, as it is recording only the current user's information (at least it seems so).

 

i will post in the hijackthis forum, just a question though... where are the linkscanner options within AVG free 8.0.175? its not in my version, nowhere in advanced settings like it once was, although maybe they included an option not to install it, which i probably chose =P (just checked, yeah its an option in the custom setup)

and yes, the above long is complete, i have a few things ignored as i know what they are, thats about it, here's the log again.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32a, on 25/10/08
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Files\Utilitys\HiJackThis.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll RemoveFocusRect.dll

--
End of file - 939 bytes

what doesn't look right? and i'm the only user on this system

 

about the HJT log - the number of running processes is kinda too low it looks like only processes running under your user, without system processes. you need to make it log all processes (i'm not sure how... i don't have it here at the moment and i use it really rarely, besides being an xp/nonvista user, but the guys at the HJT forum will know for sure).

regarding AVG and LinkScanner, yes it is in the 8.0.175 build. but if you run the installation package and choose to add or remove components, you can remove also this LinkScanner. so maybe that's why it is missing in your installation.

 

ah, i'm betting that is what i did, never installed linkscanner last time around... anyway, thanks, have to see if i can find a way to get hijackthis to list all my processes, i have a total of 33 running under all users, can't see any option in HJT to show them.

 

If you were still wondering about Conime.exe..

Other than that, your log looks fine.

 

it is the legit process, i just can't figure a way to keep it from loading, for instance right now it isn't, but every now and again it shows up... maybe because i'm loading asian characters somewhere on websites, etc? although i have no extra languages installed (there are alot you can install with vista ultimate)

 

Tried the MS office settings?

 

i don't have MS Office, i have parts of OpenOffice though... =] although no part of Open Office loads on startup