09-15-2006, 06:54 PM   #1
troy (Fully Optimized)
Join Date: Jul 2006
Location: USA
Posts: 2,410
HijackThis Logfile help!

Hey guys. I'm doing a HijackThis scan like I do every now and then and was wondering if you guys could please help and tell me what I can delete from this log:

Logfile of HijackThis v1.99.1
Scan saved at 3:53:00 PM, on 9/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Troy\Desktop\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [RSD_HDDThermo] "C:\Program Files\HDD Thermometer\HDD Thermometer.exe"
O4 - HKCU\..\Run: [Startup Manager] C:\Documents and Settings\Troy\Application Data\Systweak\ASO 2\smstartUp manager.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe


Thanks guys!


EDIT: had to remove links
__________________
Desktop: Dell Dimension E510, 2.5GB RAM, Intel P4 3.0GHZ, 250GB HDD, Windows Vista Premium. Might not be the best, but the old girl is still running good.
09-16-2006, 12:06 AM   #2
borat_sagdiyev (Golden Master)
Join Date: Feb 2006
Posts: 8,986
Re: HijackThis Logfile help!

You can stop qttask from starting. It just increases your loading time.
__________________
Core 2 Duo e4500 2.2ghz @ 2.8ghz
evga 650i ultra
2gb 400mhz ram OC'ed to 450
evga geforce 7600GT overclocked
09-16-2006, 12:15 AM   #3
MarxSoccer (BSOD)
Join Date: Jun 2005
Posts: 2,999
Re: HijackThis Logfile help!

First of all, you need to edit your post and uncheck the "automatically parse links in my post".

Second of all, and should be LAST of all, here: http://hijackthis.de/index.php?langselect=english#anl
09-16-2006, 01:07 AM   #4
troy (Fully Optimized)
Join Date: Jul 2006
Location: USA
Posts: 2,410
Re: HijackThis Logfile help!

Hey, thanks for the help guys. Thanks for that link MarxSoccer, that helped a lot. I tried another one of those but it didn't work well; that one worked well, thanks!
09-17-2006, 04:13 PM   #5
Baseband Member
Join Date: Jun 2006
Posts: 23
Re: HijackThis Logfile help!

Troy,

You need to update your Sun Java installation to JRE 5.0 Update 8.

There are numerous little blighters which attempt to exploit older versions such as yours.
John McKenna
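
A first-pass triage of entry lines from the log in post #1, as an added example that is not part of the thread or of HijackThis itself. It flags entries marked "(file missing)", services listed with "Unknown owner", and JRE paths older than the Update 8 baseline named in post #5. The function names, reason strings and the choice of these three checks are assumptions; a flagged line means "check this by hand", not "delete it".

```python
import re

# Lines excerpted from the log in post #1 (not the full log).
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
"""

# Entry lines start with a section code such as O2, O20, R0 or F1.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# JRE install directory, e.g. \jre1.5.0_06\ -> (1, 5, 0, 6).
JRE_DIR = re.compile(r"\\jre(\d+)\.(\d+)\.(\d+)(?:_(\d+))?\\", re.IGNORECASE)
# Baseline from post #5: JRE 5.0 Update 8, which installs as jre1.5.0_08.
MIN_JRE = (1, 5, 0, 8)

def parse_entries(text):
    """Yield (section, body) per entry line; headers and process paths are skipped."""
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def triage(text, min_jre=MIN_JRE):
    """Return sorted (section, reason, body) findings that deserve a manual look."""
    findings = set()
    for section, body in parse_entries(text):
        if body.endswith("(file missing)"):
            findings.add((section, "target file missing", body))
        if section == "O23" and " - Unknown owner - " in body:
            findings.add((section, "owner not reported by HijackThis", body))
        m = JRE_DIR.search(body)
        if m and tuple(int(g or 0) for g in m.groups()) < min_jre:
            findings.add((section, "JRE older than baseline", body))
    return sorted(findings)

if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG):
        print(f"{section:4} {reason}: {body}")
```
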