Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

hijackthis log from hijackthis.de

Started by thakid , Jun 05 2005 09:58 PM

  • Please log in to reply

#1
thakid
Posted 05 June 2005 - 09:58 PM

thakid

    Member

  • Member
  • PipPipPip
  • 132 posts
Entry Kind
(Safe, Nasty, Unknown) Description Tip
Logfile of HijackThis v1.99.1 Safe.
Safe. Shows the version of HijackThis an. The newest version is: v1.99.1! This should be the newest version. (v1.99.1)
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Safe.
Safe. Shows the version of your Internet Explorer. Newest Version is: 6.00.2800.1106! This should be the newest version. (6.00.2900.2180)
C:\WINDOWS\System32\smss.exe Safe.
Safe. running process. (smss.exe)
Systemprozess - Anwendung, die benutzt wird um Sitzungen zu starten, verwalten und löschen.
C:\WINDOWS\system32\winlogon.exe Safe.
Safe. running process. (winlogon.exe)
Systemprozess - Windows Login Routine
C:\WINDOWS\system32\services.exe Safe.
Safe. running process. (services.exe)
Systemprozess - Verwaltet die Systemdienste.
C:\WINDOWS\system32\lsass.exe Safe.
Safe. running process. (lsass.exe)
Systemprozess
C:\WINDOWS\system32\svchost.exe Safe.
Safe. running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.
C:\WINDOWS\System32\svchost.exe Safe.
Safe. running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.
C:\WINDOWS\system32\spoolsv.exe Safe.
Safe. running process. (spoolsv.exe)
Systemprozess
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe Safe.
Safe. running process. (AOLAcsd.exe)
Part of AOL
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe Safe.
Safe. running process. (aoltsmon.exe)
AOL Topspeed
C:\Program Files\ewido\security suite\ewidoctrl.exe Safe.
Safe. running process. (ewidoctrl.exe)
Ewido Security Suite
c:\progra~1\mcafee\mcafee antispyware\MssSrv.exe Safe.
Safe. running process. (MssSrv.exe)
McAfee AntiSpyware
Possibly nasty! According to our database this process runs normally in c:\programme\mcafee\mcafee antispyware\! Check if you know this process and arrange a viruscheck where required.
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe Safe.
Safe. running process. (mcvsrte.exe)

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe Firewall
Safe. running process. (MPFSERVICE.exe)
McAfee Software
Possibly nasty! According to our database this process runs normally in c:\progra~1\mcafee.com\person~1! Check if you know this process and arrange a viruscheck where required.
C:\PROGRA~1\McAfee\SpamKiller\MSKSrvr.exe Safe.
Safe. running process. (MSKSrvr.exe)
Bestandteil von McAfee
Possibly nasty! According to our database this process runs normally in c:\progra~1\mcafee\spamki~1! Check if you know this process and arrange a viruscheck where required.
C:\WINDOWS\system32\tcpsvcs.exe Safe.
Safe. running process. (tcpsvcs.exe)
TCP/IP Services
C:\WINDOWS\System32\snmp.exe Safe.
Safe. running process. (snmp.exe)

C:\WINDOWS\system32\svchost.exe Safe.
Safe. running process. (svchost.exe)
Systemprozess - Allgemeiner Hostprozessname für Dienste.
c:\PROGRA~1\mcafee.com\vso\mcshield.exe Firewall
Safe. running process. (mcshield.exe)
McAfee VirusScan
C:\WINDOWS\Explorer.EXE Safe.
Safe. running process. (Explorer.EXE)
Systemprozess für Desktop und Taskleiste.
C:\PROGRA~1\mcafee.com\agent\McAgent.exe Safe.
Safe. running process. (McAgent.exe)

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe Unknown
Unknown running process. (AOLSPScheduler.exe)
This is a unknown process.
C:\PROGRA~1\McAfee\SpamKiller\MSKAgent.exe Safe.
Safe. running process. (MSKAgent.exe)
Bestandteil von McAfee
Possibly nasty! According to our database this process runs normally in c:\progra~1\mcafee\spamki~1! Check if you know this process and arrange a viruscheck where required.
C:\WINDOWS\system32\hkcmd.exe Safe.
Safe. running process. (hkcmd.exe)

C:\Program Files\Analog Devices\Core\smax4pnp.exe Safe.
Safe. running process. (smax4pnp.exe)

Possibly nasty! According to our database this process runs normally in c:\archivos de programa\analog devices\soundmax\! Check if you know this process and arrange a viruscheck where required.
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe Safe.
Safe. running process. (mcvsshld.exe)

C:\Program Files\Common Files\AOL\ACS\AOLDial.exe Safe.
Safe. running process. (AOLDial.exe)
Part of AOL
c:\progra~1\mcafee.com\vso\mcvsescn.exe Safe.
Safe. running process. (mcvsescn.exe)

C:\Program Files\Common Files\Real\Update_OB\realsched.exe Safe.
Safe. running process. (realsched.exe)

C:\PROGRA~1\COMMON~1\AOL\110727~1\EE\AOLHostManager.exe Unknown
Unknown running process. (AOLHostManager.exe)
In a Program FilesCommon FilesAOL folder; what does it do, and is it required?? This is a unknown process.
C:\PROGRA~1\COMMON~1\AOL\110727~1\EE\AOLServiceHost.exe Unknown
Unknown running process. (AOLServiceHost.exe)
This is a unknown process.
C:\Program Files\America Online 9.0\waol.exe Safe.
Safe. running process. (waol.exe)
Part of AOL
C:\Program Files\America Online 9.0\shellmon.exe Safe.
Safe. running process. (shellmon.exe)

Possibly nasty! According to our database this process runs normally in c:\programme\aol 8.0a\! Check if you know this process and arrange a viruscheck where required.
c:\progra~1\mcafee.com\vso\mcvsftsn.exe Safe.
Safe. running process. (mcvsftsn.exe)

C:\Program Files\Mozilla Firefox\firefox.exe Safe.
Safe. running process. (firefox.exe)
Internet Browser
C:\Documents and Settings\jerimie piccola\Desktop\windows fix\HijackThis.exe Safe.
Safe. running process. (HijackThis.exe)
Tool, mit dem sie dieses Logfile erzeugt haben. Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c....yahoo.com/ext/ search/search.html Safe.
Safe. This page has been identified as safe.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com Safe.
Safe. This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com Safe.
Safe. This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c....yahoo.com/ext/ search/search.html Safe.
Safe. This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com Safe.
Safe. This page has been identified as safe.
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com Safe.
Safe. This page has been identified as safe.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast Safe.
Safe. This page has been identified as safe.
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll Safe.
Safe. Entries found in this registry zone are potentially nasty. This application ([02478D38-C3F9-4efb-9B51-7695ECA05670] - Result: 02478D38-C3F9-4efb-9B51-7695ECA05670) has been checked. Hit rate: 99 %
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll Unknown
Unknown Entries found in this registry zone are potentially nasty. This application ([5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897] - Result: ) has been checked. Hit rate: -1 % Unknown application.
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll Unknown
Unknown Entries found in this registry zone are potentially nasty. This application ([65D886A2-7CA7-479B-BB95-14D1EFB7946A] - Result: ) has been checked. Hit rate: -1 % Unknown application.
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll Safe.
Safe. Entries found in this registry zone are potentially nasty. This application ([EF99BD32-C1FB-11D2-892F-0090271D4F88] - Result: EF99BD32-C1FB-11D2-892F-0090271D4F88) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe Safe.
Safe. From McAfee VirusScan On-line. Automatically updates your virus definitions. Leave enabled unless you regularly update these definitions
Hit rate: 86 % (result)
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe Safe.
Safe. From McAfee VirusScan On-line. The Agent is a red M icon that appears in the Windows system tray or Notification Area (if youre running Windows XP). If you dont see the agent icon, VirusScan Online may not be installed
Hit rate: 84 % (result)
O4 - HKLM\..\Run: [AOL Spyware Protection] C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe Unknown
Unknown
Hit rate: 6 % (result) Unknown application.
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask Safe.
Safe. McAfee
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SpamKiller\MSKAgent.exe Safe.
Safe. Bestandteil von McAfee
Hit rate: 90 % (result)
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SpamKiller\MSKDetct.exe /startup Safe.
Safe. Bestandteil von McAfee
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe Safe.
Safe. Application that implements the Intel Hotkey command.
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe Safe.
Safe. SoundMax integrated sound. Required if you have custom settings for your sound, such as effects and environments
Hit rate: 78 % (result)
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" Safe.
Safe. McAfee VirusScan On-line. See also McAgentExe
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1107273406\EE\AOLHostManager.exe Unknown
Unknown In a Program FilesCommon FilesAOL folder; what does it do, and is it required??
Hit rate: 99 % (result) Unknown application.
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe Safe.
Safe.
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe Safe.
Safe. Related to connection events on an Intel chipset based modem. It can alert you if the telephone line is being used when youre trying to get online (when youre using dial-up). It can also alert you if your modem line is disconnected. Furthermore, it can alert you if you have made a wrong connection with your modem line
Hit rate: 84 % (result)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot Safe.
Safe. Part of RealPlayer
Hit rate: 99 % (result)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe Safe.
Safe. Quick access to the control panel via a System Tray icon for graphics based upon the Intel chipsets (ie, i810). These chipsets are often included on motherboards. Available via Start -> Settings -> Control Panel
Hit rate: 86 % (result) Not dangerous, but unnecessary.
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\mcafee antispyware\MssCli.exe Safe.
Safe. McAfee AntiSpyware
Hit rate: 99 % (result)
O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SpamKiller\MSKAgent.exe Safe.
Safe. Bestandteil von McAfee
Hit rate: 90 % (result)
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b Unknown
Unknown
Hit rate: -1 % (result) Unknown application.
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML Nasty
Nasty The entry &AOL Toolbar search has been identified as nasty.
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm Safe.
Safe. The entry &Yahoo! Search has been identified as safe. If the entry '&Yahoo! Search ' is not needed anymore, it should be fixed.
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm Safe.
Safe. The entry Yahoo! &Dictionary has been identified as safe. If the entry 'Yahoo! &Dictionary ' is not needed anymore, it should be fixed.
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm Safe.
Safe. The entry Yahoo! &Maps has been identified as safe. If the entry 'Yahoo! &Maps ' is not needed anymore, it should be fixed.
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm Safe.
Safe. The entry Yahoo! &SMS has been identified as safe. If the entry 'Yahoo! &SMS ' is not needed anymore, it should be fixed.
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll Safe.
Safe. The entry AOL Toolbar has been identified as safe. If the entry 'AOL Toolbar ' is not needed anymore, it should be fixed.
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll Safe.
Safe. The entry AOL Toolbar has been identified as safe. If the entry 'AOL Toolbar ' is not needed anymore, it should be fixed.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll Safe.
Safe. This entry has been identified as safe.
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab Safe.
Safe. This entry has been identified as safe.
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf.../2,0,0,4484/mcf scan.cab Safe.
Safe. This entry has been identified as safe.
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll Unknown
Unknown
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (AOLAcsd.exe) was identified as a good one.
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (aoltsmon.exe) was identified as a good one.
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (aolserv.exe) was identified as a good one.
O23 - Service: dlbu_device - Dell - C:\WINDOWS\system32\dlbucoms.exe Unknown
Unknown These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Unknown service. (dlbucoms.exe)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (ewidoctrl.exe) was identified as a good one.
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\MssSrv.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (MssSrv.exe) was identified as a good one.
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe Firewall
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (mcshield.exe) was identified as a good one.
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (mcupdmgr.exe) was identified as a good one.
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (mcvsrte.exe) was identified as a good one.
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe Firewall
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (MPFSERVICE.exe) was identified as a good one.
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SpamKiller\MSKSrvr.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (MSKSrvr.exe) was identified as a good one.
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe Safe.
Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (NetSvc.exe) was identified as a good one.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP