Hijackthis file (could someone have a look please) :)


Kielmccaul75


Well, I figure it is about time to post a HijackThis log lol, and I have little knowledge of technical jargon so I came to the best place for help. Here. I have a sibling who also toys with MMORPGs who claimed to have "broken" the computer lol. From what I got out of her, our firewall gave a bunch of messages ;)

Anyways, I am running SP2, as the log says. If you need any more information, please ask :)

--------------------------------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:15:02 PM, on 9/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss[Caution: ExecutableFile]
C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]
C:\WINDOWS\system32\services[Caution: ExecutableFile]
C:\WINDOWS\system32\lsass[Caution: ExecutableFile]
C:\WINDOWS\system32\svchost[Caution: ExecutableFile]
C:\WINDOWS\System32\svchost[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]
C:\Program Files\Norton Internet Security\ISSVC[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]
C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: ExecutableFile]
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]
C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]
C:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile]
C:\Program Files\Intel\Intel® Active Monitor\imonnt[Caution: ExecutableFile]
C:\WINDOWS\Explorer[Caution: ExecutableFile]
C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2[Caution: ExecutableFile]
C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv[Caution: ExecutableFile]
C:\Program Files\Intel\Intel® Active Monitor\imontray[Caution: ExecutableFile]
C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]
C:\Program Files\Winamp\winampa[Caution: ExecutableFile]
C:\Program Files\VIAudioi\SBADeck\ADeck[Caution: ExecutableFile]
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile]
C:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile]
C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: ExecutableFile]
C:\WINDOWS\system32\WISPTIS[Caution: ExecutableFile]
C:\WINDOWS\system32\ntvdm[Caution: ExecutableFile]
C:\Program Files\LimeWire\LimeWire[Caution: ExecutableFile]
C:\WINDOWS\system32\svchost[Caution: ExecutableFile]
C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE[Caution: ExecutableFile]
C:\Documents and Settings\Kiel\Desktop\Junk folder\hijackthis\HijackThis[Caution: ExecutableFile]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v5.windowsupdate.microsoft.com/v ... x?ln=en-us
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray[Caution: ExecutableFile]" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile]
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer
O4 - HKLM\..\Run: [EPSON Stylus Photo R310 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3F2[Caution: ExecutableFile] /P30 "EPSON Stylus Photo R310 Series" /O6 "USB001" /M "Stylus Photo R310"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [uSIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv[Caution: ExecutableFile]
O4 - HKLM\..\Run: [iMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray[Caution: ExecutableFile]
O4 - HKLM\..\Run: [sonicFocus] "C:\Program Files\Sonic Focus\SFIGUI\SFIGUI[Caution: ExecutableFile]" BOOT
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile]
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck[Caution: ExecutableFile] 1
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP[Caution: ExecutableFile]
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4[Caution: ExecutableFile]" /tray
O4 - HKCU\..\Run: [CTFMON[Caution: ExecutableFile]] C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen[Caution: ExecutableFile] /nosplash
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL[Caution: ExecutableFile]/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {3C200107-2959-4C6E-91B8-F6D911B398A8} (Driver_Detective_v43_Members.DD_v43) - http://www.drivershq.com/cab/prod/Drive ... embers.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 6191548765
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq.com/cab/prod/Drive ... Member.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8F17BF9-B1EF-418F-AB17-1CFA5AB9E856}: NameServer = 203.49.70.20 139.134.2.190
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]
O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt[Caution: ExecutableFile]
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC[Caution: ExecutableFile]
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan[Caution: ExecutableFile]
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent[Caution: ExecutableFile]
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile]

--------------------------------------------------------------------------------------------------------------------------------

Thanks in advance guys :)


Looks clean to me.

Btw, are you running another firewall other than the Windows one? I couldn't find it in the log. If not, you should be, e.g. Zone Alarm.


> Looks clean to me.
>
> Btw, are you running another firewall other than the Windows one? I couldn't find it in the log. If not, you should be, e.g. Zone Alarm.

Norton Internet Security 05 :)

EDIT: I forgot to say thank you lol. Thanks Much :D
