Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

archiees

19 Posts

663

April 6th, 2005 23:00

hijack this log. please check for spyware and adware,,,in my XP pro

Logfile of HijackThis v1.99.1

Scan saved at 8:32:12 PM, on 4/6/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\S24EvMon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\Network Associates\VirusScan\mcshield.exe

C:\Program Files\Network Associates\VirusScan\vstskmgr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\RegSrvc.exe

C:\WINDOWS\System32\RoamMgr.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Intel\Switching\User\RoamSvc.exe

C:\WINDOWS\system32\ZCfgSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Yahoo!\Messenger\YPager.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\irftp.exe

C:\Program Files\Samsung\EasyGPRS\EasyGPRS.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\DOCUME~1\Raman\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bumc.bu.edu/Dept/Home.aspx?DepartmentID=385

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet

O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab

O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Program Files\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll

O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Adapter Switching (IntelRoam) - Intel Corporation - C:\Program Files\Intel\Switching\User\RoamSvc.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe

O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe

O23 - Service: RoamMgr - Intel Corporation - C:\WINDOWS\System32\RoamMgr.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

zbestwun2001

3 Apprentice

 • 

8.8K Posts

April 7th, 2005 00:00

Hi and welcome,

Before we begin, let's move HiJackThis to it's own folder; like C:\HJT.

Besides that you are clean as a whistle.

Wish all the logs I work on were this clean. Whatever protection you are using along with your common sense don't stop doing that.

Easy,
Steve

Image hosted by Photobucket.com










botzaris

277 Posts

April 7th, 2005 07:00

archiees, i just read your high grade results. i also want my pc to be as "cleas as a whistle". tell me what protection and common sense are you using? botzaris


 

archiees

19 Posts

April 7th, 2005 22:00

i don't download any program not needed and the music from internet on my machine. i guess thats what keep it clean, there're not sharing softwares installed on it. Also, i use Adaware.

zbestwun2001

3 Apprentice

 • 

8.8K Posts

April 7th, 2005 22:00

Just a couple tips.

1. If you use P2P programs you are leaving yourself open for problems.
2. Porn sites will create problems.
3. Online Casinos will mess with you sometimes.
4. and like was stated, be REAL picky on what you download.


Steve SpyBoT~~~ AVG7-AntiVirus~~~ SygateFirewall~~~ AdAwareSE~~~ SpywareBlaster~~~" CleanUp~~~ HiJackThis~~~ About Buster~~~ MWAV~~~ CWShredder.exe~~~ SpyGuard~~~

View More

View All

No Events found!

Top