Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Help!

[Fixed] Hijackthis! Logs - Help! posted in the Security & Safety forums; Hi, I'm a pretty much newbie when it comes to computer. I'm not sure what I'm looking for. If anyone could help, I would really be grateful. Thanks! StartupList report, ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 10-03-2007
New Poster
  
Join Date: Oct 2007
Posts: 1
HeySharon - See this Members User comments on their Profile page
Default Help!
Hi, I'm a pretty much newbie when it comes to computer. I'm not sure what I'm looking for. If anyone could help, I would really be grateful. Thanks!

StartupList report, 10/3/2007, 3:23:53 AM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16512)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

hpWirelessAssistant = "C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe"
igfxpers = C:\WINDOWS\system32\igfxpers.exe
High Definition Audio Property Page Shortcut = CHDAudPropShortcut.exe
SynTPEnh = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
ISUSScheduler = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe
RecGuard = C:\Windows\SMINST\RecGuard.exe
Reminder = C:\Windows\CREATOR\Remind_XP.exe
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
Advanced WindowsCare V2 Pro = "C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe" /startup
SmartDefrag = "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
FreeRAM XP = "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
Hide IP Platinum = C:\Program Files\Hide IP Platinum\hideippla.exe

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=sQusiStub.dll

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll - {724d43a9-0d85-11d4-9908-00400523e39a}
(no name) - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Advanced WindowsCare V2 Pro.job
AppleSoftwareUpdate.job
AwcProUpdate.job
Easy Internet Sign-up.job
MP Scheduled Quick Scan.job
SmartDefrag.job
User_Feed_Synchronization-{E09AB220-85C3-4A87-82B8-97791C698C76}.job

--------------------------------------------------

Enumerating Download Program Files:

[Hewlett-Packard Online Support Services]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll
CODEBASE = http://h50203.www5.hp.com/HPISWeb/Cu...ataManager.CAB

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\macromed\Director\SwDir.dll
CODEBASE = http://fpdownload.macromedia.com/pub...irector/sw.cab

[TmHcmsX Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\TmHcmsX.ocx
CODEBASE = http://www.trendsecure.com/framework...ex/TmHcmsX.CAB

[CPlayFirstDinerDash2Control Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.68.dll
CODEBASE = http://zone.msn.com/bingame/dsh2/def...2.1.0.0.68.cab

[MSN Games - Installer]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ZIntro.ocx
CODEBASE = http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx
CODEBASE = http://fpdownload2.macromedia.com/ge...sh/swflash.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
End of report, 7,677 bytes
Report generated in 0.094 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
  #2  
Old 10-03-2007
MadGamer's Avatar
Elite Member
My PC
 
Join Date: May 2004
Location: UK
Posts: 2,335
PC Experience: Experienced
MadGamer - See this Members User comments on their Profile page MadGamer - See this Members User comments on their Profile page MadGamer - See this Members User comments on their Profile page MadGamer - See this Members User comments on their Profile page MadGamer - See this Members User comments on their Profile page MadGamer - See this Members User comments on their Profile page
Default Re: Help!
Hi there and welcome to PCHF, one of our security team members will be able to assist you soon.



Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« Help Needed Asap!!! | Calling on a kindly malware buster! »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 05:19 PM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Debt Consolidation
Get out of debt fast.

Debt Help
In debt? Need help? Talk to our experts at Money Expert.

Image Hosting
Image Hosting for Myspace Ebay and More