| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 105666 | 2009-12-10 05:40:00 | Hijackthis log | ManUFan (7602) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 838366 | 2009-12-10 05:40:00 | Hi can someone have a look please.... (Speedy?) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:32:52 p.m., on 10/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe D:\Utilities\Comodo\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe D:\Utilities\Comodo\COMODO Internet Security\cfp.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Microsoft Security Essentials\msseces.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe D:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe D:\Utilities\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\UTILIT~1\SPYBOT~1\SDHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Utilities\Comodo\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: MBCameraMonitor.lnk = ? O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\UTILIT~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\UTILIT~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com O17 - HKLM\System\CCS\Services\Tcpip\..\{0064A3F0-9A5D-42F8-B37D-B4361A6680E2}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CS1\Services\Tcpip\..\{0064A3F0-9A5D-42F8-B37D-B4361A6680E2}: NameServer = 208.67.222.222,208.67.220.220 O20 - AppInit_DLLs: O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Utilities\Comodo\COMODO Internet Security\cmdagent.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 5457 bytes |
ManUFan (7602) | ||
| 838367 | 2009-12-10 05:47:00 | You can tick these then tick fix checked Close browsers O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O20 - AppInit_DLLs: O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: MBCameraMonitor.lnk = ? I would uninstall Spybot |
Speedy Gonzales (78) | ||
| 838368 | 2009-12-10 05:51:00 | Ok - Thanks Speedy. Guess I don't need Spybot with MSE?? |
ManUFan (7602) | ||
| 838369 | 2009-12-10 05:58:00 | Nope. Its out of date now, like Adaware. There are better programs around now: ie: Malwarebytes / MSE | Speedy Gonzales (78) | ||
| 838370 | 2009-12-10 06:00:00 | Cool - thanks heaps! | ManUFan (7602) | ||
| 838371 | 2009-12-10 06:00:00 | No probs | Speedy Gonzales (78) | ||
| 838372 | 2009-12-10 07:18:00 | Sorry.. I've been reading the post. Why is Spybot Search & Destory no longer needed? MSE is simply an Anti-Virus, Spybot is used for cleaning infections and building up passive resistance. Could you please enlighten me? |
Chris09 (15218) | ||
| 838373 | 2009-12-10 07:25:00 | Its old, if you want something use malwarebytes | Speedy Gonzales (78) | ||
| 838374 | 2009-12-10 07:35:00 | Use both. Run separately. No problems. :thumbs: | Richard (739) | ||
| 838375 | 2009-12-11 09:53:00 | Its old, if you want something use malwarebytes I don't quite understand why you say that.. They are currently on the finish line for Spybot 2.0 and Spybot gets updated every Wednesday if not more. Also the latest rootkits are not found by either MSE nor Malwarebytes before them either... so I don't quite understand why you call them old, and why other people's impressions of Spybot are faulted. It's an excellent, up to date tool. |
Chris09 (15218) | ||
| 1 2 | |||||