Hijackthis Log

Forceape · December 2, 2005

Hey, Not done one in time so just thought if anyone could check it for me I'll be V.Greatful :)

I did try to put it in a folder of its own so it makes backups, but im not quite sure if i did it right lol :?

Anyways heres the log

Logfile of HijackThis v1.99.1

Scan saved at 14:55:23, on 02/12/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

C:\WINDOWS\system32\services[Caution: ExecutableFile]

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

C:\Program Files\Common Files\AOL\ACS\AOLAcsd[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\WINDOWS\Explorer[Caution: ExecutableFile]

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]

C:\Program Files\VoyagerTest\fts[Caution: ExecutableFile]

C:\Program Files\AOL 9.0\waol[Caution: ExecutableFile]

C:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile]

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

C:\WINDOWS\system32\wscntfy[Caution: ExecutableFile]

C:\Program Files\AOL 9.0\shellmon[Caution: ExecutableFile]

C:\Program Files\Common Files\AOL\aoltpspd[Caution: ExecutableFile]

C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]

C:\WINDOWS\system32\LVComsX[Caution: ExecutableFile]

C:\PROGRA~1\MOZILL~1\FIREFOX[Caution: ExecutableFile]

C:\Program Files\LimeWire\LimeWire[Caution: ExecutableFile]

C:\Program Files\Windows Media Player\wmplayer[Caution: ExecutableFile]

C:\DOCUME~1\Dave\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis[Caution: ExecutableFile]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://music.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.co.uk

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.msn.co.uk/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [%FP%Friendly fts[Caution: ExecutableFile]] "C:\Program Files\VoyagerTest\fts[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile] SYSTEMBOOTHIDEPLAYER

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/[garden tool] ... scan60.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computerc ... diagcc.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab

O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.com/images/uploader/ ... loader.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{932BB0A0-DD69-4C1D-9943-7476CC6FEEB7}: NameServer = 205.188.146.145

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd[Caution: ExecutableFile]

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

Thanks :D

coltm4carbine · December 2, 2005

hi no you have not done it right- not really.

i have a look through the log.

heres my canned for doing it hopefully it will clear things up:

Create a folder on the C: drive called C:\HJT.

You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it hjt

Move HJT into this new folder please,

This is important so please do this prior to anything else please

coltm4carbine · December 2, 2005

ok had a quick look all looks good :)

Sign In

Hijackthis Log

Recommended Posts

Forceape

Link to comment

Share on other sites

coltm4carbine

Link to comment

Share on other sites

coltm4carbine

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

Activity

Important Information