  #1  
Old 22-08-2007, 07:24 PM
vic66  Portugal
CJ Member
 
Default hijack log help

Hi all, new PC as a gift but it's 8 years old. Have run SAS, a-squared and Spybot, all in safe mode. All clean. My question is: should I run a HijackThis log? Who knows where this PC has been. Please remember I'm a newbie and PC experience is pretty much zilch!

Running XP Pro SP2.
Can somebody help please (if of course you think this is required)?

Thank you very much in advance.
  #2  
Old 22-08-2007, 08:24 PM
evilfantasy
CJ Moderator

It won't hurt anything to check. You can post one and we will check it out.
Make sure you have updated and run a virus scan also.
  #3  
Old 22-08-2007, 08:32 PM
vic66  Portugal
CJ Member
 

Thank you very much evilfantasy!
Have run antivirus check, everything OK.
But as far as the rest (HijackThis log), I have no idea of where to even start.
Need guidance PLEASE!
  #4  
Old 22-08-2007, 08:35 PM
evilfantasy
CJ Moderator

Download HijackThis Here
Once you have it downloaded install/save it to its own folder!!! This is important for it to work properly.
For example save in C:\program files\hijackthis
You can then create a shortcut on the desktop.
Once installed open the program and select Do a system scan and save logfile.
**Important DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
Save the log to your desktop.
In the next post click Go Advanced.
Scroll down and click Manage Attachments and add the log as an attachment.
  #5  
Old 22-08-2007, 09:20 PM
vic66  Portugal
CJ Member
 

Hope this is it
  #6  
Old 22-08-2007, 09:22 PM
vic66  Portugal
CJ Member
 

I have the hijack log on the desktop, went advanced, it says hijackthis file error
  #7  
Old 22-08-2007, 09:24 PM
evilfantasy
CJ Moderator

Just copy and paste it in the post.
  #8  
Old 22-08-2007, 09:25 PM
vic66  Portugal
CJ Member
 

How's this?
  #9  
Old 22-08-2007, 09:27 PM
vic66  Portugal
CJ Member
 

Sorry will try again!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42:52, on 22-08-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\Programas\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\a-squared Free\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programas\Panda Software\Panda Internet Security 2007\PsCtrls.exe
C:\Programas\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\IoCtlSvc.exe
C:\Programas\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
c:\programas\panda software\panda internet security 2007\firewall\PSHOST.EXE
C:\Programas\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programas\Ficheiros comuns\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programas\Panda Software\Panda Internet Security 2007\ApvxdWin.exe
D:\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRAMAS\EZ-DUB\EZ-DUB.EXE
C:\Programas\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
C:\Programas\Panda Software\Panda Internet Security 2007\WebProxy.exe
C:\Programas\Panda Software\Panda Internet Security 2007\PavBckPT.exe
C:\WINDOWS\SYSTEM32\LVCOMSX.EXE
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: World_Tv_Center toolbar - {e077da94-6314-41f1-9f08-6607df65952e} - C:\Programas\World_Tv_Center\tbWor1.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programas\IE7Pro\IE7Pro.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: World_Tv_Center toolbar - {e077da94-6314-41f1-9f08-6607df65952e} - C:\Programas\World_Tv_Center\tbWor1.dll
O3 - Toolbar: World_Tv_Center toolbar - {e077da94-6314-41f1-9f08-6607df65952e} - C:\Programas\World_Tv_Center\tbWor1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [WinPatrol] D:\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programas\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programas\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Programas\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Search -
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programas\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programas\IE7Pro\IE7Pro.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {4E8A3661-FB5B-4AEF-BF60-B0E9712FAE49} (Silverwire Image Uploader 3.0 Control) - http://www.fotowire.com/download/cli...eUploader3.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1182530546718
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5CE1DED3-F082-4619-B898-1811199FF6D8}: NameServer = 212.55.154.174
O20 - Winlogon Notify: !SASWinLogon - D:\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - E:\a-squared Free\a2service.exe
O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe (file missing)
O23 - Service: lxcr_device - Unknown owner - (no file)
O23 - Service: NBService - Nero AG - E:\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Programas\Panda Software\Panda Internet Security 2007\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Programas\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software International - C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Programas\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoCtlSvc.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Programas\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\programas\panda software\panda internet security 2007\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Programas\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programas\Ficheiros comuns\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 8347 bytes
  #10  
Old 22-08-2007, 09:44 PM
evilfantasy
CJ Moderator

Items to remove in HJT.
Open HJT and select do a system scan only.
Remember to close all windows before clicking fix checked.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O8 - Extra context menu item: &Search -
O23 - Service: LXCRCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\LXCRserv.exe (file missing)
O23 - Service: lxcr_device - Unknown owner - (no file)
Close all windows and click fix checked.

You need to choose one firewall and one antivirus. Running more than one each is unnecessary and can cause problems.
Other than that you are looking pretty good.
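Most of the entries picked out in post #10 share a pattern: an empty registry value, a context menu item with no target, or a service whose file is missing. The sketch below is an added example, not part of the original posts and not HijackThis code; the sample lines are constructed from the log format shown in this thread, and the heuristics are assumptions that only shortlist entries for a manual look.

```python
import re

# Constructed sample lines in HijackThis v2 log format (modelled on the log in this thread).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [WinPatrol] D:\WinPatrol\winpatrol.exe
O8 - Extra context menu item: &Search -
O23 - Service: lxcr_device - Unknown owner - (no file)
O23 - Service: NBService - Nero AG - E:\Nero 7\Nero BackItUp\NBService.exe
"""

# An entry line starts with a section code such as R0, O4 or O23, then " - ".
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")


def parse_entries(log_text):
    """Return (section, body) per entry line, skipping header and process lines."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            entries.append((match.group("section"), match.group("body").strip()))
    return entries


def orphan_reason(section, body):
    """Return why an entry looks orphaned, or None (assumed heuristics)."""
    if body.endswith("(file missing)"):
        return "target file missing"
    if body.endswith("(no file)"):
        return "no file registered"
    if section in ("R0", "R1") and body.endswith("="):
        return "empty registry value"
    if section == "O8" and body.endswith("-"):
        return "context menu item with no target"
    return None


def triage(log_text):
    """Shortlist entries for manual review; this does not judge them malicious."""
    flagged = []
    for section, body in parse_entries(log_text):
        reason = orphan_reason(section, body)
        if reason:
            flagged.append((section, reason, body))
    return flagged


if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG):
        print(f"{section:4} {reason:34} {body}")
```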
  #11  
Old 22-08-2007, 10:06 PM
vic66  Portugal
CJ Member
 

Done!

THANKS evilfantasy for your help and time.

regards
Victor
  #12  
Old 22-08-2007, 10:10 PM
evilfantasy
CJ Moderator

No problem, safe surfing.

Copyright ©2006 - 2008 Computer Juice.
