
Another HiJackThis log..ahhah

post #1 of 5
Thread Starter 
okay, I just ran HijackThis, and I need some help on deciphering the logfile reps
Code:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:44:45 PM, on 7/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\\WINDOWS2\\System32\\smss.exe
C:\\WINDOWS2\\system32\\winlogon.exe
C:\\WINDOWS2\\system32\\services.exe
C:\\WINDOWS2\\system32\\lsass.exe
C:\\WINDOWS2\\system32\\svchost.exe
C:\\WINDOWS2\\System32\\svchost.exe
C:\\WINDOWS2\\Explorer.EXE
C:\\WINDOWS2\\system32\\ctfmon.exe
C:\\Program Files\\Bonjour\\mDNSResponder.exe
C:\\Core 0\\FAH504-Console.exe
C:\\Core 1\\FAH504-Console.exe
C:\\WINDOWS2\\system32\\nvsvc32.exe
C:\\Core 0\\FahCore_78.exe
C:\\Core 1\\FahCore_80.exe
C:\\WINDOWS2\\system32\\wuauclt.exe
C:\\Program Files\\Opera\\Opera.exe
C:\\Program Files\\Windows Media Player\\wmplayer.exe
C:\\Program Files\\Pidgin\\pidgin.exe
C:\\Program Files\\Steam\\Steam.exe
C:\\Program Files\\Internet Explorer\\iexplore.exe
C:\\Documents and Settings\\Ryazn\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\LIVEMACRO_07d.exe
C:\\Documents and Settings\\Ryazn\\Desktop\\HiJackThis_v2.exe

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_01\\bin\\ssv.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\\Program Files\\Styler\\TB\\StylerTB.dll
O4 - HKLM\\..\\Run: [amd_dc_opt] C:\\Program Files\\AMD\\Dual-Core Optimizer\\amd_dc_opt.exe
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS2\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [MSConfig] C:\\WINDOWS2\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS2\\system32\\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_01\\bin\\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_01\\bin\\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~4\\Office12\\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{E33703D8-FE45-470F-8FFC-0400297F38EB}: NameServer = 208.67.220.220,208.67.222.222
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\\WINDOWS2\\system32\\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\WINDOWS2\\system32\\browseui.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe
O23 - Service: FAH@C:+Core 0+FAH504-Console.exe - Stanford University - C:\\Core 0\\FAH504-Console.exe
O23 - Service: FAH@C:+Core 1+FAH504-Console.exe - Stanford University - C:\\Core 1\\FAH504-Console.exe
O23 - Service: FAH@C:+Program Files+Folding@Home Windows SMP Client V1.01+fah.exe - Unknown owner - C:\\Program Files\\Folding@Home Windows SMP Client V1.01\\fah.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\\Program Files\\Common Files\\Macrovision Shared\\FLEXnet Publisher\\FNPLicensingService.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\\Program Files\\Alex Feinman\\ISO Recorder\\ImapiHelper.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS2\\system32\\nvsvc32.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\\WINDOWS2\\system32\\pr2ah4nc.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\Win32\\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP1a\\RpcSandraSrv.exe
O24 - Desktop Component 0: (no name) - http://www.meebo.com/

--
End of file - 4873 bytes
post #2 of 5
You don't need C:\\WINDOWS2\\system32\\nvsvc32.exe or C:\\WINDOWS2\\system32\\ctfmon.exe

Oh yeah you can disable C:\\WINDOWS2\\system32\\wuauclt.exe if you want, I update manually.

Any reason Steam is running?
post #3 of 5
Thread Starter 
thanks...is that all?
post #4 of 5
Thread Starter 
yeah, i was playing CSS
post #5 of 5
Just copy and paste the list into www.hijackthis.de next time.


I just did it with that list and it showed up everything as being safe. You're fine.