11-05-2005, 07:09 AM   #1
ArrizX (Golden Master)
Join Date: Apr 2005
Posts: 16,073
hijack this log file

Does anyone know how to search a HijackThis log file and tell me what to fix on my computer? I have seen computers automatically generate reports, but I know that they are not accurate. Thanks for whatever help you can give.
__________________
. ()()()()
./l ,[_\_\ ],
l---L ()lllllll()-
()_) ()_)--o-)_)
11-05-2005, 07:18 AM   #2
dyserq (Fully Optimized)
Join Date: Jul 2005
Posts: 2,281
Re: hijack this log file

What do you mean? Do you mean like you want to learn how to read and understand HijackThis log files? Because if you would like to do so, there is quite a good guide written at Bleeping Computer: http://www.bleepingcomputer.com/tuto...utorial42.html
11-06-2005, 06:17 AM   #3
ArrizX (Golden Master)
Join Date: Apr 2005
Posts: 16,073
Re: hijack this log file

No, not a tutorial. I mean someone (not a computer generated program scanner) but a human, that looks through the log file to find problems in your system. I have seen other forums do this; I was just wondering if anyone here could do it for me?
11-07-2005, 06:02 AM   #4
dyserq (Fully Optimized)
Join Date: Jul 2005
Posts: 2,281
Re: hijack this log file

Well ... I'm not sure if there is anybody here who can do it and I certainly cannot, although it seems interesting ... but I'm sure that there are other people who can go through it and analyse and see if they can find any issues which may be on your computer ... you could try the Bleeping Computer forums or something like that ...
11-09-2005, 05:29 PM   #5
zyx (Baseband Member)
Join Date: Nov 2005
Posts: 36
Re: hijack this log file

Post your log file up.
I can tell you which programs to keep or not.
__________________
http://www.djzyx.com/forum // British Columbia Tech Talk
11-09-2005, 08:17 PM   #6
ArrizX (Golden Master)
Join Date: Apr 2005
Posts: 16,073
Re: hijack this log file

Logfile of HijackThis v1.99.1
Scan saved at 5:16:20 PM, on 11/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Koby\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

__________________________________________________ ______________
Well, that is the most recent version, because I took out a crap load of stuff, but there ya go. Thanks for any help.
ArrizX is offline   Reply With Quote
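
Added example, not part of any post in this thread: a small Python parser for the log format shown in the post above, which reads the `Platform:` header, the running processes and the numbered `O` entries. The sample input is a shortened excerpt of that log; the function names and the three review rules (unnamed BHO, autorun entry without a full path, service listed with "Unknown owner") are assumptions for illustration and mark entries to verify by hand, not verdicts.

```python
import re

# Shortened excerpt of the log posted above (lines copied from the thread).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\wuauclt.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

ENTRY = re.compile(r"^([RFNO]\d+) - (.*)$")  # section code, then the entry text

def parse_log(text):
    """Split a HijackThis log into header fields, running processes and entries."""
    log = {"header": {}, "processes": [], "entries": []}
    in_processes = False
    for line in (raw.strip() for raw in text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_processes = False
            log["entries"].append((m.group(1), m.group(2)))
        elif line == "Running processes:":
            in_processes = True
        elif in_processes and line:
            log["processes"].append(line)
        elif line.startswith(("Platform:", "MSIE:")):
            key, _, value = line.partition(":")
            log["header"][key] = value.strip()
    return log

def review_items(log):
    """Entries to verify by hand. The three rules are illustrative assumptions."""
    items = []
    for section, detail in log["entries"]:
        if section == "O23" and "Unknown owner" in detail:
            items.append((section, "service with no vendor string", detail))
        elif section == "O2" and "(no name)" in detail:
            items.append((section, "unnamed browser helper object", detail))
        elif section == "O4":
            parts = detail.split("] ", 1)[-1].strip('"').split()
            if parts and "\\" not in parts[0]:
                items.append((section, "autorun without a full path", detail))
    return items
```
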
11-09-2005, 08:53 PM   #7
zyx (Baseband Member)
Join Date: Nov 2005
Posts: 36
Re: hijack this log file

OK, well, I can see you're using Windows ME.

Everything there seems to be fine. I can decipher all the programs your computer is using; none of them seem to be malicious software.

You can take a few off to help the boot up time:
Messenger
C:\Program Files\MSN Messenger\msnmsgr.exe
Java (for either mp3 sharing like LimeWire or just for IE; if you don't have LimeWire or any mp3 sharing programs just delete this key)
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
You can take off Adobe Acrobat
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe

These are all used by Windows:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe

So leave them.
Everything looks clean to me.
11-10-2005, 02:16 AM   #8
ArrizX (Golden Master)
Join Date: Apr 2005
Posts: 16,073
Re: hijack this log file

I'm using XP Home... but thanks, but I do like the reader thing and my MSN. I'll have to look into the other one.
11-10-2005, 06:53 AM   #9
matt_999 (BSOD)
Join Date: Oct 2004
Posts: 338
Re: hijack this log file

ArrizX, to boost your boot up time just use msconfig to remove programs from startup; there is nothing in your log file that is bad. I don't know why zyx thought you had ME; it even states at the top of a log what OS you're using. Anyhoo, nothing wrong at all.

matt
11-10-2005, 02:00 PM   #10
zyx (Baseband Member)
Join Date: Nov 2005
Posts: 36
Re: hijack this log file

I was rendering each exe file.

wuauclt.exe is a Windows ME autoupdate file used by its OS.

I didn't read through the second half of the log file since the first half has everything I need.