ComputerForum.com ComputerForum.com  

Go Back   Computer Forum > Computer Software > Computer Security
hijackthis log hijackthis log
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
Old 12-20-2007, 07:50 AM   #1 (permalink)
VIP Member
 
ThatGuy16's Avatar
 
Join Date: Apr 2007
Location: USA
Age: 18
Posts: 5,795
Default hijackthis log
Does all this seem normal?

Thanks


Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:49:21 AM, on 12/20/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\AOL\1195186730\ee\aolsoftware.exe
C:\Program Files (x86)\AOL 9.0\waol.exe
C:\Program Files (x86)\AOL 9.0\shellmon.exe
C:\Users\Corey\Downloads\Apps\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (file missing)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files (x86)\AOL 9.0\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://128.230.73.133/activex/AMC.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Cleicav6 - Unknown owner - C:\Windows\system32\drivers\aswMonFlt.sys (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - Unknown owner - C:\Windows\system32\pr2ah4nc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6797 bytes
__________________
CPU: C2D E8400 @ 4Ghz 1.24v
HSF: Apogee GTX
MB: Gigabyte X38-DS4
Ram: 2x2GB G. Skill DDR2-1068
HDD: 320GB Seagate
PSU: OCZ GameXStream 700w
OS: Vista Home Premium 64bit
GFX: 2x HD4850 Crossfire
LCD: LG 22" L226WTQ
3DMark06: 20974
ThatGuy16 is offline   Reply With Quote


Old 12-21-2007, 07:03 AM   #2 (permalink)
VIP Member
 
ThatGuy16's Avatar
 
Join Date: Apr 2007
Location: USA
Age: 18
Posts: 5,795
Default
you guys are no fun
__________________
CPU: C2D E8400 @ 4Ghz 1.24v
HSF: Apogee GTX
MB: Gigabyte X38-DS4
Ram: 2x2GB G. Skill DDR2-1068
HDD: 320GB Seagate
PSU: OCZ GameXStream 700w
OS: Vista Home Premium 64bit
GFX: 2x HD4850 Crossfire
LCD: LG 22" L226WTQ
3DMark06: 20974
ThatGuy16 is offline   Reply With Quote
Old 12-21-2007, 09:51 AM   #3 (permalink)
Diamond Member
 
GameMaster's Avatar
 
Join Date: Dec 2007
Location: Croatia
Age: 17
Posts: 3,972
Default
Yeah its clean
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
GameMaster is offline   Reply With Quote
Old 12-21-2007, 11:15 AM   #4 (permalink)
Platinum Member
 
adarsh's Avatar
 
Join Date: Jul 2007
Location: Dubai
Posts: 895
Default
It looks pretty clean. But I recommend that you wait for someone like ceewi1 to confirm.
__________________
http://img77.imageshack.us/img77/7130/kainzr2.jpg

Your views about my post are highly appreciated.
Please bear in mind that I too am human, and therefore am prone to making errors.
If you think that I am wrong, please do not hesitate to PM me suggesting a better fix.
Thank you.


Please visit Punk's gallery
adarsh is offline   Reply With Quote
Old 12-22-2007, 08:32 AM   #5 (permalink)
VIP Member
 
ThatGuy16's Avatar
 
Join Date: Apr 2007
Location: USA
Age: 18
Posts: 5,795
Default
I use windows firewall, so i should use something like zonealarm? i have AVG, ill set it to run on startup.

Thanks ceewi
__________________
CPU: C2D E8400 @ 4Ghz 1.24v
HSF: Apogee GTX
MB: Gigabyte X38-DS4
Ram: 2x2GB G. Skill DDR2-1068
HDD: 320GB Seagate
PSU: OCZ GameXStream 700w
OS: Vista Home Premium 64bit
GFX: 2x HD4850 Crossfire
LCD: LG 22" L226WTQ
3DMark06: 20974
ThatGuy16 is offline   Reply With Quote


Old 12-22-2007, 09:09 AM   #6 (permalink)
Moderator
 
ceewi1's Avatar
 
Join Date: Dec 2005
Location: Melbourne, Australia
Age: 22
Posts: 5,418
Default
You're welcome. Third party firewalls do provide a far greater level of protection than the one built into Windows, so I would recommend using one.
__________________

CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870
RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W

Cheap PSUs - 2% of system costs, responsible for 28% of system deaths
As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity.
- The "Warranty void if removed" sticker on numerous CoolerMaster PSUs.
ceewi1 is offline   Reply With Quote
Old 12-22-2007, 04:49 PM   #7 (permalink)
Silver Member
 
Join Date: Apr 2006
Posts: 148
Default
now does zonealarm work with vista? im hearing it doesnt.
speedaccordinly is offline   Reply With Quote
Old 12-23-2007, 02:58 AM   #8 (permalink)
Moderator
 
ceewi1's Avatar
 
Join Date: Dec 2005
Location: Melbourne, Australia
Age: 22
Posts: 5,418
Default
Hmm, forgot about that. It works fine with 32 bit Vista, but not with the 64 bit version (there was a beta at some point, but it's been pulled). They're not the only ones with that limitation either. Comodo is one good option for Vista 64 bit
__________________

CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870
RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W

Cheap PSUs - 2% of system costs, responsible for 28% of system deaths
As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity.
- The "Warranty void if removed" sticker on numerous CoolerMaster PSUs.
ceewi1 is offline   Reply With Quote
Old 12-22-2007, 07:37 AM   #9 (permalink)
Moderator
 
ceewi1's Avatar
 
Join Date: Dec 2005
Location: Melbourne, Australia
Age: 22
Posts: 5,418
Default
Sorry about the delay. Your logfile does appear to be clean, but I notice that you do not seem to be running antivirus software or a third party firewall. This is somewhat suicidal in today's digital world. AVG makes an excellent free antivirus client, as do AntiVir or avast!. I suggest installing one to protect your PC.

Also, consider maintaining a firewall. Some good free firewalls are ZoneAlarm, Kerio, or Outpost
__________________

CPU: Core 2 Duo E6600 / MOBO: Gigabyte 965P-DS3 / GPU: Gigabyte HD4870
RAM: 2GB G.Skill F2-6400CL4D-2GBPK / HDD: 2TB Total HDD / PSU: Antec NeoPower 480W

Cheap PSUs - 2% of system costs, responsible for 28% of system deaths
As Sealed Stick was removed, lost or damaged, it shall be out of warranty validity.
- The "Warranty void if removed" sticker on numerous CoolerMaster PSUs.
ceewi1 is offline   Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
hijackthis log help M0ddingMan1a Computer Security 5 02-09-2007 02:12 AM
Tons of adware and virus's (Hijackthis log) MrBucket Computer Security 1 02-05-2006 07:54 PM
HijackThis Log mpic92 Computer Security 2 10-30-2005 03:37 PM
Hijackthis log cabby Computer Security 1 10-24-2005 12:21 AM
!Urgent!:: Application Hijack & Hijackthis log Kilee Computer Security 3 10-22-2005 09:44 PM


All times are GMT +1. The time now is 08:13 PM.

Contact Us - Computer Forum - Sitemap - Top

Powered by: vBulletin Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.0 ©2009, Crawlability, Inc.
Copyright © 2002-2009 Computer Forum - Internet Business - Web Design Forum