Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Nov 21st, 2008, 4:40am
   Mischel Internet Security Forum
   Malware
   Adware, Browser Hijackers and other Malware (Moderators: Helena, Gavin_Coe, Magnus)
   Can you evaluate hijackthis log?		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Can you evaluate hijackthis log?  (Read 1505 times)
jack1234
Newbie
*





   


Posts: 1
Can you evaluate hijackthis log?
« on: Mar 4th, 2005, 1:58pm »		 Quote Quote  Modify Modify
Logfile of HijackThis v1.97.7
Scan saved at 10:34:40 AM, on 3/4/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\WINDOWS\SYSTEM32\usbn.exe
C:\WINDOWS\System32\Hdr.exe
C:\WINDOWS\System32\cmd32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
F:\HijackThis.exe
 
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [DVDUpgrade] DVDUpgrd.exe /async9x
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [usbn] C:\WINDOWS\SYSTEM32\usbn.exe -go -c85 -w4
O4 - HKLM\..\Run: [Mba] C:\WINDOWS\System32\Hdr.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [Toc] C:\WINDOWS\System32\Bsf.exe
O4 - HKLM\..\Run: [Vbp] C:\WINDOWS\System32\Ghc.exe
O4 - HKLM\..\Run: [Qon] C:\WINDOWS\System32\Bvd.exe
O4 - HKLM\..\Run: [Vor] C:\WINDOWS\Ocq.exe
O4 - HKLM\..\Run: [Lfd] C:\WINDOWS\Adl.exe
O4 - HKLM\..\Run: [Svu] C:\WINDOWS\System32\Bvb.exe
O4 - HKLM\..\Run: [Ltn] C:\WINDOWS\System32\Cjk.exe
O4 - HKLM\..\Run: [Kbr] C:\WINDOWS\System32\Rme.exe
O4 - HKLM\..\Run: [Tvm] C:\WINDOWS\System32\Gki.exe
O4 - HKLM\..\Run: [Kdr] C:\WINDOWS\Hin.exe
O4 - HKLM\..\Run: [Elp] C:\WINDOWS\Ede.exe
O4 - HKLM\..\Run: [Sqe] C:\WINDOWS\Mqh.exe
O4 - HKLM\..\Run: [Arv] C:\WINDOWS\System32\Ouo.exe
O4 - HKLM\..\Run: [Dma] C:\WINDOWS\System32\Hpo.exe
O4 - HKLM\..\Run: [Dsv] C:\WINDOWS\System32\Pjc.exe
O4 - HKLM\..\Run: [Bit] C:\WINDOWS\Gte.exe
O4 - HKLM\..\Run: [Etq] C:\WINDOWS\Hee.exe
O4 - HKLM\..\Run: [Ttq] C:\WINDOWS\System32\Gud.exe
O4 - HKCU\..\Run: [Bit] C:\WINDOWS\Gte.exe
O4 - HKCU\..\Run: [Ttq] C:\WINDOWS\System32\Gud.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Global Startup: Camio Viewer 3.2.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
O4 - Global Startup: HPAiODevice.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\bin\hpodev07.exe
O4 - Global Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\hp psc 700 series\FRU\Remind32.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Encarta Encyclopedia (HKLM)
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia (HKLM)
O9 - Extra button: Define (HKLM)
O9 - Extra 'Tools' menuitem: Define (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Dell Home (HKCU)
O16 - DPF: Win32 Classes -  
 
IP Logged
Kayrac
Full Member
***






   
Email

Posts: 162
Re: Can you evaluate hijackthis log?
« Reply #1 on: Mar 4th, 2005, 2:08pm »		 Quote Quote  Modify Modify
http://www.dslreports.com/faq/8428
 
follow those steps and post in there security forum, they have a bit more people that are good with hijackthis, but you do have something bad on your computer, if not multiple things
just follow the FAQ, and post in that forum, and you'll get fixed up
IP Logged
Kayrac
Full Member
***






   
Email

Posts: 162
Re: Can you evaluate hijackthis log?
« Reply #2 on: Mar 4th, 2005, 2:13pm »		 Quote Quote  Modify Modify
also this link has a link to another spot you can post your log
http://forum.misec.net/board/Trojans/1083505568
IP Logged
Kayrac
Full Member
***






   
Email

Posts: 162
Re: Can you evaluate hijackthis log?
« Reply #3 on: Mar 4th, 2005, 2:20pm »		 Quote Quote  Modify Modify
also a new version of hijackthis is available
http://www.merijn.org/files/hijackthis.zip
that is the link to it, when you post to those sites, use this version
IP Logged
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register