| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 84974 | 2007-11-25 06:47:00 | HijackThis Log Checkup | gellehar (12720) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 614968 | 2007-11-25 06:47:00 | Could someone please check this, just wanna make sure I'm fine :) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:27:12 p.m., on 25/11/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\WLANExt.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\Program Files\Spyware Doctor\svcntaux.exe C:\Program Files\Spyware Doctor\swdsvc.exe C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe C:\Windows\system32\taskeng.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\LocalCooling\localcooling.exe C:\Program Files\Spyware Doctor\SDTrayApp.exe C:\Program Files\Wakoopa\Wakoopa.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wbem\WmiApSrv.exe C:\Program Files\Trojan Remover\RMVTRJAN.EXE C:\Program Files\Trojan Remover\RMVTRJAN.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer 7 O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [LocalCooling] "C:\Program Files\LocalCooling\localcooling.exe" -s O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [Wakoopa] C:\Program Files\Wakoopa\Wakoopa.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE') O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7835 bytes |
gellehar (12720) | ||
| 614969 | 2007-11-25 07:00:00 | Looks ok to me but tick this entry then tick fix checked O13 - Gopher Prefix: |
Speedy Gonzales (78) | ||
| 614970 | 2007-11-25 07:06:00 | Cheers Speedy :) | gellehar (12720) | ||
| 614971 | 2007-11-25 07:08:00 | No worries :) | Speedy Gonzales (78) | ||
| 614972 | 2007-11-25 07:28:00 | Anytime I want to do a check on a Hijack log file just copy & paste the file into the text box at this site. (Or just link to the file) www.hijackthis.de |
fnphoto (2434) | ||
| 614973 | 2007-11-25 08:46:00 | Anytime I want to do a check on a Hijack log file just copy & paste the file into the text box at this site. (Or just link to the file) www.hijackthis.de alright so long as you know what you are about to delete. Using hijackthis.de should be used with caution, as it does find false positives. If you are not careful with it you can do some damage. |
Joe Blogs (35) | ||
| 614974 | 2007-11-25 18:41:00 | True it isnt 100%. BUT, the ones you're not sure about, do a check in google or yahoo. BUT, some people dont know what to tick, which is why they post the log here. |
Speedy Gonzales (78) | ||
| 1 | |||||