PC Clean up - TechRepublic
General discussion
April 22, 2006 at 06:04 PM
artabeleda


Can anyone help me figure out my HijackThis log?

Logfile of HijackThis v1.99.1
Scan saved at 9:02:28 PM, on 04/22/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\OUTPOST.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\AKPROG\AKPROG.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAM FILES\ANTI-SPYWARE BLOCKER\ANTI-VIRUS.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS1991.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /waitservice
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ActualKeylogger] C:\Program Files\AKProg\AKProg.exe hs
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /service
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - Startup: Anti-Spyware Blocker.lnk = C:\Program Files\Anti-Spyware Blocker\Anti-Virus.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download Image with Download Manager - tbr:iemenudownload
O8 - Extra context menu item: Download URL with Download Manager - tbr:iemenudownload
O8 - Extra context menu item: Download URL in selection with Download Manager - tbr:iemenudownsel
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O13 - WWW. Prefix: http://
O15 - Trusted Zone: *.winamp.com
O15 - Trusted Zone: *.shoutcast.com
O15 - Trusted Zone: *.aolcdn.com
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by22fd.bay22.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
