Hijack This log help
Results 1 to 5 of 5

Thread: Hijack This log help

  1. January 23rd, 2004, 03:42 PM #1
    RingoSaturn's Avatar
    RingoSaturn
    RingoSaturn is offline Member due to bribery
    Join Date
    Mar 1999
    Location
    mpls
    Posts
    408

    Hijack This log help

    I was wondering if someone could look through the following "hijack this" log and tell me if they note anything that should be removed.

    Also, are their any good web-sites with lists of common hijack this settings that are candidates for removal? If not, any thoughts on people creating sort of a public one here?

    Thanks:

    _________________________________________________


    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
    C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Network Associates\VirusScan\VsStat.exe
    C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
    C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\Avconsol.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\System32\RUNDLL32.EXE
    C:\WINNT\System32\pctspk.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINNT\System32\PRPCUI.exe
    C:\WINNT\System32\DSentry.exe
    C:\SCANJET\PrecisionScanPro\HPLamp.exe
    C:\Program Files\RightFax\FaxCtrl.exe
    C:\progra~1\scansoft\paperp~1\pptd40nt.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\PROGRA~1\SYSTEM~1\soap.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\Program Files\Webshots\WebshotsTray.exe
    C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
    C:\Program Files\Common Files\System\MAPI\1033\nt\MAPISP32.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\tutecht\Desktop\Spyware Software\Hijack This\HijackThis.exe

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
    O4 - HKLM\..\Run: [DVDSentry] C:\WINNT\System32\DSentry.exe
    O4 - HKLM\..\Run: [HP Lamp] C:\SCANJET\PrecisionScanPro\HPLamp.exe
    O4 - HKLM\..\Run: [RightFAX Print-to-Fax Driver] C:\Program Files\RightFax\FaxCtrl.exe
    O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Principia Online Update.lnk = C:\Program Files\Morningstar\Principia\Schedupd.exe
    O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {08BA3416-D9F1-402D-B117-6BEF929C1B39} (TwainScan.Scan) - https://cfs1.orcasnet.com/beta-component/TwainScan.CAB
    O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - http://download.howudodat.com/chatte...load/appdl.cab
    O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting) - http://fdl.msn.com/public/investor/v13/invinstl.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...754.5974768519
    O16 - DPF: {AA59BA6E-B44F-4514-AB3C-0C1DD2306FC3} (MSN Money Charting) - http://fdl.msn.com/public/investor/v12/invinstl.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...wflash4r28.cab
    ...this one goes to 11...
    Reply With Quote Reply With Quote
  2. January 23rd, 2004, 03:51 PM #2
    P3-450's Avatar
    P3-450
    P3-450 is offline SiTe MoDeRaToR
    Join Date
    Oct 2002
    Location
    Here, there and everywhere
    Posts
    7,355
    Cant see anything wrong with that log

    here is some sites that give you info on known parasite and spyware.

    http://www.doxdesk.com/parasite/

    http://www.spywareguide.com/product_list_full.php

    http://www.spywareinfo.com/

    hope this helps
    Last edited by P3-450; January 23rd, 2004 at 03:57 PM.
    Who are you? Introduce yourself here

    P3-450 powered by

    Intel Core 2 Duo E6600
    Gigabyte 965P DQ6
    4 Gig Crucial Ballistix PC6400
    Gainward Nvidia Geforce 7950GT
    2X Western Digital Caviar 320GB SATA2
    Soundblaster X-Fi XtremeMusic
    Samsung SH-D162C DVD Rom
    Lite-On SHM-165P6S DVDRW
    Samsung 20" LCD Syncmaster 206BW
    Thermaltake Kandalf VA9000SWA Tower
    Tagan Dual Engine 700W PSU
    XP PRO SP3/Windows 7 64-bit
    --------------
    Samsung NC10 2GB Ram
    Windows 7 32-bit
    Reply With Quote Reply With Quote
  3. January 23rd, 2004, 03:55 PM #3
    Craigery5999's Avatar
    Craigery5999
    Craigery5999 is offline Virtual Intern
    Join Date
    Aug 2002
    Location
    New York
    Posts
    325
    Everything looks good to me.
    Incredible PC Solutions

    Q: How many Microsoft tech support people does it take to change a light bulb?
    A: Four:
    One to ask "What is the registration number of the light bulb?"
    One to ask "Have you tried rebooting it?"
    Another to ask "Have you tried reinstalling it?"
    And the last one to say "It must be your hardware because the light bulb in our office works fine..."
    Reply With Quote Reply With Quote
  4. January 23rd, 2004, 04:19 PM #4
    RingoSaturn's Avatar
    RingoSaturn
    RingoSaturn is offline Member due to bribery
    Join Date
    Mar 1999
    Location
    mpls
    Posts
    408
    Thanks for lookin'. Also, thanks for those links, it's always good to have another resource.
    ...this one goes to 11...
    Reply With Quote Reply With Quote
  6. January 23rd, 2004, 04:21 PM #5
    P3-450's Avatar
    P3-450
    P3-450 is offline SiTe MoDeRaToR
    Join Date
    Oct 2002
    Location
    Here, there and everywhere
    Posts
    7,355
    Your Welcome
    Who are you? Introduce yourself here

    P3-450 powered by

    Intel Core 2 Duo E6600
    Gigabyte 965P DQ6
    4 Gig Crucial Ballistix PC6400
    Gainward Nvidia Geforce 7950GT
    2X Western Digital Caviar 320GB SATA2
    Soundblaster X-Fi XtremeMusic
    Samsung SH-D162C DVD Rom
    Lite-On SHM-165P6S DVDRW
    Samsung 20" LCD Syncmaster 206BW
    Thermaltake Kandalf VA9000SWA Tower
    Tagan Dual Engine 700W PSU
    XP PRO SP3/Windows 7 64-bit
    --------------
    Samsung NC10 2GB Ram
    Windows 7 32-bit
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules