friends log - Techist - Tech Forum

Old 11-25-2007, 12:04 PM   #1 (permalink)
Monster Techie
 
Join Date: Apr 2005
Posts: 1,946
Default friends log

Logfile of HijackThis v1.99.1
Scan saved at 12:00:21 PM, on 11/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:..WINDOWS..System32..smss.exe
C:..WINDOWS..system32..winlogon.exe
C:..WINDOWS..system32..services.exe
C:..WINDOWS..system32..lsass.exe
C:..WINDOWS..system32..svchost.exe
C:..WINDOWS..System32..svchost.exe
C:..WINDOWS..system32..spoolsv.exe
C:..WINDOWS..Explorer.EXE
C:..WINDOWS..system32..hkcmd.exe
C:..Program Files..Analog Devices..Core..smax4pnp.exe
C:..WINDOWS..system32..dla..tfswctrl.exe
C:..Program Files..HP..HP Software Update..HPWuSchd2.exe
C:..Program Files..Java..jre1.5.0_09..bin..jusched.exe
C:..Program Files..Adobe..Photoshop Album Starter Edition..3.0..Apps..apdproxy.exe
C:..Program Files..QuickTime..qttask.exe
C:..Program Files..iTunes..iTunesHelper.exe
C:..WINDOWS..mrofinu72.exe
C:..Program Files..Common Files..?ymantec..r?gsvr32.exe
C:..WINDOWS..system32..svchost.exe
C:..Program Files..Viewpoint..Common..ViewpointService.exe
C:..Program Files..HP..Digital Imaging..bin..hpqtra08.exe
C:..Program Files..HP..Digital Imaging..bin..hpqgalry.exe
C:..Program Files..iPod..bin..iPodService.exe
C:..WINDOWS..system32..wscntfy.exe
C:..Program Files..AIM..aim.exe
C:..Program Files..Viewpoint..Viewpoint Manager..ViewMgr.exe
C:..Program Files..Java..jre1.5.0_09..bin..jucheck.exe
C:..Program Files..Last.fm..LastFM.exe
C:..WINDOWS..system32..winlogon.exe
C:..Program Files..Spybot - Search & Destroy..TeaTimer.exe
C:..WINDOWS..system32..wuauclt.exe
C:..Program Files..Mozilla Firefox..firefox.exe
C:..Program Files..HijackThis..HijackThis.exe

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:..Program Files..Common Files..Adobe..Acrobat..ActiveX..AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:..WINDOWS..system32..dla..tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:..Program Files..Java..jre1.5.0_09..bin..ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:..Program Files..QdrDrive..QdrDrive8.dll (file missing)
O2 - BHO: (no name) - {BBFCAB10-45FD-6E75-D82F-4BE670F55FB7} - C:..WINDOWS..system32..qfz.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
O4 - HKLM......Run: [IgfxTray] C:..WINDOWS..system32..igfxtray.exe
O4 - HKLM......Run: [HotKeysCmds] C:..WINDOWS..system32..hkcmd.exe
O4 - HKLM......Run: [SoundMAXPnP] C:..Program Files..Analog Devices..Core..smax4pnp.exe
O4 - HKLM......Run: [dla] C:..WINDOWS..system32..dla..tfswctrl.exe
O4 - HKLM......Run: [UpdateManager] "C:..Program Files..Common Files..Sonic..Update Manager..sgtray.exe" /r
O4 - HKLM......Run: [HP Software Update] "C:..Program Files..HP..HP Software Update..HPWuSchd2.exe"
O4 - HKLM......Run: [SunJavaUpdateSched] "C:..Program Files..Java..jre1.5.0_09..bin..jusched.exe"
O4 - HKLM......Run: [Adobe Photo Downloader] "C:..Program Files..Adobe..Photoshop Album Starter Edition..3.0..Apps..apdproxy.exe"
O4 - HKLM......Run: [QuickTime Task] "C:..Program Files..QuickTime..qttask.exe" -atboottime
O4 - HKLM......Run: [iTunesHelper] "C:..Program Files..iTunes..iTunesHelper.exe"
O4 - HKLM......Run: [Adobe Reader Speed Launcher] "C:..Program Files..Adobe..Reader 8.0..Reader..Reader_sl.exe"
O4 - HKLM......Run: [runner1] C:..WINDOWS..mrofinu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227 A755E9C2933154389A
O4 - HKCU......Run: [QdrModule9] "C:..Program Files..QdrModule..QdrModule9.exe"
O4 - HKCU......Run: [Mhagrf] "C:..Program Files..Common Files..?ymantec..r?gsvr32.exe"
O4 - HKCU......Run: [SpybotSD TeaTimer] C:..Program Files..Spybot - Search & Destroy..TeaTimer.exe
O4 - HKCU......Run: [WinAble] C:..Program Files..WinAble..winable.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:..Program Files..HP..Digital Imaging..bin..hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:..Program Files..HP..Digital Imaging..bin..hpqthb08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:..program files..aol..aol toolbar 2.0..resources..en-US..local..search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:..Program Files..Java..jre1.5.0_09..bin..ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:..Program Files..Java..jre1.5.0_09..bin..ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:..Program Files..AOL..AOL Toolbar 2.0..aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:..Program Files..AIM..aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:..PROGRA~1..SPYBOT~1..SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:..Program Files..Messenger..msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:..WINDOWS..SYSTEM32..igfxsrvc.dll
O23 - Service: iPod Service - Apple Inc. - C:..Program Files..iPod..bin..iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:..WINDOWS..system32..HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:..Program Files..Viewpoint..Common..ViewpointService.exe
__________________
Static_11 is offline  
Old 11-25-2007, 04:58 PM   #2 (permalink)
Techie Beyond Description
 
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Default Re: friends log

This log looks weird..

C:.. Can you scan again?
__________________
Osiris is offline  
Old 11-25-2007, 05:00 PM   #3 (permalink)
Retired.
 
 
Join Date: Dec 2005
Location: Los Angeles, California
Posts: 8,076
Default Re: friends log

All the slashes are missing. As far as I can tell, Viewpoint is on there.
__________________


My computer uses 1.5A-load, .8A-idle, .65A-standby, .05A-turned off on 125V.
"The spaces between your fingers were created so that another's could fill them in."
Quote:
Originally Posted by Norcent View Post
I need to stop using the internet.
peterhuang913 is offline  
Old 11-25-2007, 05:36 PM   #4 (permalink)
Monster Techie
 
Join Date: Apr 2005
Posts: 1,946
Default Re: friends log

so is Viewpoint the only thing that needs fixing?

for some reason he's running like 56 processes and keeps getting pop ups even when not online.
__________________
Static_11 is offline  
Old 11-25-2007, 05:39 PM   #5 (permalink)
Techie Beyond Description
 
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Default Re: friends log

did you have him disable everything except antivirus in msconfig>startup
__________________
Osiris is offline  
Old 11-25-2007, 06:10 PM   #6 (permalink)
Monster Techie
 
Join Date: Apr 2005
Posts: 1,946
Default Re: friends log

no. i had him disable some stuff...
on boot up he gets 42 processes...later on he has around like 55+
should he fix anything in that log or no?
__________________
Static_11 is offline  
Old 11-25-2007, 06:20 PM   #7 (permalink)
Retired.
 
 
Join Date: Dec 2005
Location: Los Angeles, California
Posts: 8,076
Default Re: friends log

Quote:
Originally Posted by Static_11 View Post
no. i had him disable some stuff...
on boot up he gets 42 processes...later on he has around like 55+
should he fix anything in that log or no?
That's the problem. We need a new log, that log looks incomplete/corrupted.
__________________
peterhuang913 is offline  
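
A pre-triage check for the problem raised in posts #2, #3 and #7, as an added example that is not part of the original thread: it tells a log whose path separators were lost in transit apart from one that is intact but contains `?` inside a path. The name `check_log` and the sample strings are hypothetical, modelled on the logs in this thread; the `?` check goes slightly beyond what the posters discuss and rests on the fact that `?` is not a legal Windows filename character.

```python
import re

# Drive-letter root such as "C:" that is not the tail of a longer word (e.g. "http:").
DRIVE = re.compile(r"(?<![A-Za-z0-9])[A-Za-z]:(?=\S)")
# A well-formed path up to its first .exe/.dll extension.
PATH = re.compile(r"[A-Za-z]:\\[^\"<>|*\r\n]*?\.(?:exe|dll)", re.I)

# Constructed samples modelled on the two logs posted in this thread.
MANGLED = """Running processes:
C:..WINDOWS..system32..svchost.exe
C:..Program Files..Common Files..?ymantec..r?gsvr32.exe
O4 - HKLM......Run: [IgfxTray] C:..WINDOWS..system32..igfxtray.exe"""

INTACT = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\?ymantec\r?gsvr32.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe"""


def check_log(text):
    """Classify each drive-rooted path in a pasted HijackThis log.

    Returns a dict with:
      mangled - (line_no, line) where the drive root is not followed by a backslash
      lossy   - (line_no, path) where the path contains '?'; that character cannot
                occur in a Windows filename, so the log did not render the real name
      usable  - True when paths were found and none of them are mangled
    """
    mangled, lossy, seen = [], [], 0
    for no, line in enumerate(text.splitlines(), 1):
        roots = list(DRIVE.finditer(line))
        seen += len(roots)
        # A copy that lost its backslashes shows "C:.." instead of "C:\".
        if any(line[m.end():m.end() + 1] != "\\" for m in roots):
            mangled.append((no, line.strip()))
            continue
        for m in PATH.finditer(line):
            if "?" in m.group(0):
                lossy.append((no, m.group(0)))
    return {"mangled": mangled, "lossy": lossy, "usable": seen > 0 and not mangled}


if __name__ == "__main__":
    for name, sample in (("mangled", MANGLED), ("intact", INTACT)):
        result = check_log(sample)
        print(name, "usable:", result["usable"])
        for no, item in result["mangled"] + result["lossy"]:
            print("  line", no, "->", item)
```

A log that comes back with `usable` false should be re-saved and re-posted before anyone reads its entries; `lossy` paths are not a transport problem and stay in the log as items to look at on the machine itself.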
Old 11-25-2007, 06:59 PM   #8 (permalink)
Monster Techie
 
Join Date: Apr 2005
Posts: 1,946
Default Re: friends log

Logfile of HijackThis v1.99.1
Scan saved at 6:29:54 PM, on 11/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\mrofinu72.exe
C:\Program Files\Common Files\?ymantec\r?gsvr32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\DOCUME~1\Michael\MYDOCU~1\MCROSO~1.NET\nslookup .exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:\Program Files\QdrDrive\QdrDrive8.dll (file missing)
O2 - BHO: (no name) - {BBFCAB10-45FD-6E75-D82F-4BE670F55FB7} - C:\WINDOWS\system32\qfz.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227 A755E9C2933154389A
O4 - HKCU\..\Run: [Mhagrf] "C:\Program Files\Common Files\?ymantec\r?gsvr32.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe
O4 - HKCU\..\Run: [QdrModule9] "C:\Program Files\QdrModule\QdrModule9.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
__________________
Static_11 is offline  
Old 11-25-2007, 07:04 PM   #9 (permalink)
Retired.
 
 
Join Date: Dec 2005
Location: Los Angeles, California
Posts: 8,076
Default Re: friends log

Uninstall Viewpoint Media Player

Then fix:

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\mrofinu72.exe

C:\Program Files\Common Files\?ymantec\r?gsvr32.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:\Program Files\QdrDrive\QdrDrive8.dll (file missing)

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227 A755E9C2933154389A

O4 - HKCU\..\Run: [WinAble] C:\Program Files\WinAble\winable.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
__________________
peterhuang913 is offline  
Old 11-25-2007, 07:10 PM   #10 (permalink)
Monster Techie
 
Join Date: Apr 2005
Posts: 1,946
Default Re: friends log

thanks man.
__________________
Static_11 is offline  
 

All times are GMT -5. The time now is 03:06 AM.

