I just decided, 5 minutes ago, to give HijackThis a try, but I'm completely lost on how to even start to notice if I'm infected or if I'm running a clean system. I'll include my scan file; please help me understand what this scans for and how to remove any infections. Thanks all. :wink2:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:20:37 PM, on 6/28/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:










C:\Program Files\Razer\Copperhead\razerhid.exe


C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe




C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

C:\Program Files\Razer\Copperhead\razerofa.exe

C:\Program Files\Mozilla Firefox\firefox.exe


C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {D2041ABE-7FD8-4850-B18F-68D907991DB3} - (no file)

O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - (no file)

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent

O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl

O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe

O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O20 - Winlogon Notify: pmnljGaX - pmnljGaX.dll (file missing)

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe


End of file - 6953 bytes
