I am learning how to use HijackThis to check my laptop for the like. Can someone explain this to me? Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:16:44 AM, on 12/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft CRM\Client\res\web\bin\Microsoft.Crm.Application.Hoster.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://secure.msepmonline.com/admin/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSCRMStartup] "C:\Program Files\Microsoft CRM\Client\res\web\bin\Microsoft.Crm.Application.Hoster.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://c348.mseponline.com
O15 - Trusted IP range: http://216.10.126.205
O15 - Trusted IP range: http://216.52.28.200
O15 - Trusted IP range: 216.178.160.231
O15 - Trusted IP range: http://63.146.171.10
O15 - Trusted IP range: http://63.146.171.51
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n035p/EN/install/gtdownlr.cab
O16 - DPF: {4A3CBDDD-C4DC-4C38-B44F-704DAEF628AE} (PjAdoInfo3 Class) - https://216.10.117.252/projectserverph5/objects/pjclient.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1192736544562
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - https://alpha123.msepmonline.com/portal/Connect/msrdp.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {AF9A1421-E128-4D5F-A37E-039F305867B9} (Pj11enuC Class) - https://216.10.117.252/projectserverph5/objects/1033/pjcintl.cab
O16 - DPF: {D5B680E5-9C5F-45E0-A97C-521D4F281173} (PJ12enuC Class) - https://alpha131.msepmonline.com/ProjectServer/_layouts/pwa/objects/1033/pjcintl.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://tenrox.webex.com/client/T25L/nbr/ieatgpc.cab
O16 - DPF: {E3089160-E8AD-4C5B-B47C-ADDF3DF660DD} (PjAdoInfo4 Class) - https://alpha131.msepmonline.com/ProjectServer/_layouts/pwa/objects/pjclient.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://download.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.2.2.2.cab
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
--
End of file - 11915 bytes