HiJack and Sweeper log

#1 - woody uk - 23-03-2006, 08:14 PM

Hi
From a previous post I was asked to post a NEW hijack and sweeper post for each PC so that I could be advised accordingly

Thanks in anticipation of your help

Logfile of HijackThis v1.99.1
Scan saved at 18:46:05, on 23/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Symantec\ACT\SideACT.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Citrix\GoToMyPC\g2svc.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Citrix\GoToMyPC\g2comm.exe
C:\Program Files\Citrix\GoToMyPC\g2pre.exe
C:\Program Files\Citrix\GoToMyPC\g2tray.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tash Majors\Desktop\LB\Hi Jack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [GoToMyPC] C:\Program Files\Citrix\GoToMyPC\g2svc.exe -logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: SideACT!.lnk = C:\Program Files\Symantec\ACT\SideACT.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4} (TraderMediaImgX Control) - http://sell.autotrader.co.uk/uk-ola/...aderMediaX.cab
O20 - Winlogon Notify: GoToMyPC - C:\WINDOWS\SYSTEM32\G2WinLogon.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe" -service (file missing)
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

PLUS this from Spy Sweeper

********
18:05: | Start of Session, 23 March 2006 |
18:05: Spy Sweeper started
18:05: Sweep initiated using definitions version 640
18:05: Starting Memory Sweep
18:10: Memory Sweep Complete, Elapsed Time: 00:04:33
18:10: Starting Registry Sweep
18:10: Found System Monitor: blazing tools xp logon logger
18:10: HKLM\software\bt\ (3 subtraces) (ID = 105271)
18:10: Registry Sweep Complete, Elapsed Time:00:00:40
18:10: Starting Cookie Sweep
18:10: Found Spy Cookie: 247realmedia cookie
18:10: tash majors@247realmedia[1].txt (ID = 1953)
18:10: Found Spy Cookie: yieldmanager cookie
18:10: tash majors@ad.yieldmanager[2].txt (ID = 3751)
18:10: Found Spy Cookie: adrevolver cookie
18:10: tash majors@adrevolver[1].txt (ID = 2088)
18:10: tash majors@adrevolver[3].txt (ID = 2088)
18:10: Found Spy Cookie: adtech cookie
18:10: tash majors@adtech[2].txt (ID = 2155)
18:10: Found Spy Cookie: apmebf cookie
18:10: tash majors@apmebf[1].txt (ID = 2229)
18:10: Found Spy Cookie: falkag cookie
18:10: tash majors@as-us.falkag[1].txt (ID = 2650)
18:10: Found Spy Cookie: belnk cookie
18:10: tash majors@belnk[1].txt (ID = 2292)
18:10: Found Spy Cookie: bluestreak cookie
18:10: tash majors@bluestreak[2].txt (ID = 2314)
18:10: Found Spy Cookie: casalemedia cookie
18:10: tash majors@casalemedia[1].txt (ID = 2354)
18:10: tash majors@dist.belnk[2].txt (ID = 2293)
18:10: Found Spy Cookie: realmedia cookie
18:10: tash majors@realmedia[1].txt (ID = 3235)
18:10: Found Spy Cookie: tribalfusion cookie
18:10: tash majors@tribalfusion[1].txt (ID = 3589)
18:10: tash majors@yieldmanager[1].txt (ID = 3749)
18:10: Cookie Sweep Complete, Elapsed Time: 00:00:02
18:10: Starting File Sweep
18:35: Found Adware: ist yoursitebar
18:35: 00307668.zip (ID = 258153)
18:37: File Sweep Complete, Elapsed Time: 00:26:45
18:37: Full Sweep has completed. Elapsed time 00:32:11
18:37: Traces Found: 19
18:40: Removal process initiated
18:40: Quarantining All Traces: blazing tools xp logon logger
18:40: Quarantining All Traces: ist yoursitebar
18:40: Quarantining All Traces: 247realmedia cookie
18:40: Quarantining All Traces: adrevolver cookie
18:40: Quarantining All Traces: adtech cookie
18:40: Quarantining All Traces: apmebf cookie
18:40: Quarantining All Traces: belnk cookie
18:40: Quarantining All Traces: bluestreak cookie
18:40: Quarantining All Traces: casalemedia cookie
18:40: Quarantining All Traces: falkag cookie
18:40: Quarantining All Traces: realmedia cookie
18:40: Quarantining All Traces: tribalfusion cookie
18:40: Quarantining All Traces: yieldmanager cookie
18:40: Removal process completed. Elapsed time 00:00:13
********
17:59: | Start of Session, 23 March 2006 |
17:59: Spy Sweeper started
18:00: Your spyware definitions have been updated.
18:05: | End of Session, 23 March 2006 |

#2 - VopThis - 23-03-2006, 10:34 PM

Items found by SS were mostly low risk cookies.


HijackThis log looks clean. Do you have any obvious remaining issues with this PC?
__________________
Vincent P

#3 - woody uk - 24-03-2006, 08:45 PM

Hi
No issues now with this PC
Many thanks for your help
Donation on its way soon

Thanks
Woody
All times are GMT +1.