home hardware prices news articles forums photos user reviews
Go Back   Tech Support Forums - TechIMO.com > PC Hardware and Tech > Security and Privacy Issues
Hijackthis log in need of review Hijackthis log in need of review
Join TechIMO for Free!
Register Blogs FAQ Members List Calendar Search Today's Posts Mark Forums Read
Reply Get bargains at  »  Dealighted.com
 
Thread Tools
Currently Active Users: 1526
Discussions: 186,731, Posts: 2,228,342, Members: 230,391
Free Scan: Update Your PC's Outdated Drivers to Optimize Performance
Old October 5th, 2008, 01:00 AM   Digg it!   #1 (permalink)
Junior Member
 
Join Date: Oct 2008
Posts: 2
Hijackthis log in need of review
I need some expertise.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:46:58 PM, on 10/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svchost.exe
C:\Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Trend Micro\RUBotted\TMRUBottedLite.exe
C:\Documents and Settings\Creepersam\Desktop\RootkitRevealer.exe
C:\Documents and Settings\Creepersam\Desktop\RootkitRevealer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Creepersam\Desktop\HiJackThis.exe
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{12650~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{12650~1\reboot.ini -l0x9
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AJVEWFUOOO - Sysinternals - www.sysinternals.com - C:\DOCUME~1\CREEPE~1\LOCALS~1\Temp\AJVEWFUOOO.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Files\FileZilla Server\FileZilla Server.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: OAWSJER - Sysinternals - www.sysinternals.com - C:\DOCUME~1\CREEPE~1\LOCALS~1\Temp\OAWSJER.exe
O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 3573 bytes
chuck42 is offline   Reply With Quote
TechIMO.com Ads - Login or register for less ads.
How many errors does your computer have?

You no longer need to guess! This free stability scan and registry cleaner download will give you a complete diagnosis of your Windows registry, identifying errors and conflicts.

FREE instant scan


Guest, Register Free! to remove this ad and get your tech support questions answered in minutes!
Old October 5th, 2008, 01:26 AM     #2 (permalink)
Super Stealthy Moderator
 
RicheemxX's Avatar
 
Join Date: Jan 2003
Location: Outside the box
Posts: 4,365
Blog Entries: 4
Send a message via Yahoo to RicheemxX
I'd suggest familiarizing yourself with the tutorial and the use of the analyzer HijackThis Analyzer & Tutorial that said nothing nasty turns up in your log. Is there something more specific you need help with?
__________________
“Every question involves someone having to work for an answer, isn't it about time you did your share”
"The true measure of a man is the degree to which he has managed to subjugate his ego."

RicheemxX is offline   Reply With Quote
Old October 5th, 2008, 08:29 AM     #3 (permalink)
Junior Member
 
Join Date: Oct 2008
Posts: 2
the details
My logfile for nullsoft's shoutcast server indicated some very abnormal activity (Which I immediately banned on the side of security), however my Screen Saver was set to on (always off) and my Zone Alarm virus scan didn't run its nightly check even though it was on. Then I learned that Shoutcast had a security issue, which entailed injecting scripts into the browser, but there wasn't much more on it. The article said Nullsoft needed a patch and keep an eye out for it, which doesn't do me much good if my browser is being jacked. For the most part I'm an opera user. Zone Alarm also gave my weird ip addresses when first clicking on my browser - different ips dns when goint to my home page. Think I'm just paranoid?

Chuck

Last edited by chuck42 : October 5th, 2008 at 08:32 AM.
chuck42 is offline   Reply With Quote
Reply

« Help Needed indentifying Virus or Trojan | WARNING on clickjacking. »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Please Review My HijackThis Log ceily General Tech Discussion 0 October 2nd, 2004 02:28 PM
HijackThis Log njolakoski Security and Privacy Issues 1 September 6th, 2004 01:00 AM
Hijackthis Log Help. Please... Gyurza Security and Privacy Issues 2 August 3rd, 2004 07:39 PM
Help with HijackThis Log bhath19 Technical Support 11 July 5th, 2004 05:41 PM
Hijackthis log - help please! impulce Networking and Internet 1 January 8th, 2004 07:32 PM

Most Active Discussions
Is It Just Me? (749)
Newegg WARS!!! (55)
Best graphics card for around $600 (8)
E5200 15.2GHZ?? (12)
Car Talk! (8693)
Folderchat: The Holiday thread (159)
New info on the Phenom II X4 (46)
Best Boot Drive Imaging Software (17)
Bought an AGP "HIS Radeon HD 3.. (21)
Recent Discussions
Service Pack 3 (4)
replacing tvs msp345 printer he.. (1)
LCD monitor sizes and wide scre.. (4)
Should I build my computer arou.. (0)
Computer won't start (15)
E5200 15.2GHZ?? (12)
Folderchat: The Holiday thread (159)
Best graphics card for around $.. (8)
Logitech Mx 3200? (1)
Apple iPod touch 16 GB $200 (5)
FS: Dell 6000 laptop, modded 36.. (3)
Selling Rockband Bundle, Xbox s.. (2)


All times are GMT -4. The time now is 07:48 AM.
TechIMO Copyright 2008 All Enthusiast, Inc.

Contact Us - Tech Support Forums - TechIMO.com - Archive - Privacy Statement - Terms of Use -
Coupons and Deals and Dealighted - Store Ratings and Reviews - Web Business Blog - Top


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28