TechSpot

Need expert to read my hijackthis log file

By 2468
Dec 2, 2007
  1. Hi, i think someone been spying on my computer. I dled Spybot and Adware but still think im being spy on. So I did a hijackthis log file but have no idea which files are good and bad. Would someone please check to see which file i should delete.

    Thank You
     
  2. Daveskater

    Daveskater Banned Posts: 1,687

    Please post your log as an attachment, then it will be looked through, thanks
     
  3. 2468

    2468 TS Rookie Topic Starter

  4. Daveskater

    Daveskater Banned Posts: 1,687

    Have hjt fix these entries to begin with:

    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)

    O2 - BHO: (no name) - {f6fd56e3-1530-4742-a902-ab71e364eab2} - C:\WINDOWS\system32\hcc254.dll (file missing)

    What problems are you experiencing?


    This thread is for the use of 2468 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. Jase123

    Jase123 Banned Posts: 1,012

    Hi 2468, Welcome to Techspot![​IMG]

    My name is Jason, on these forums I am known as Jase123. I will be helping you with your current problem.
    HiJackThis logs do take some time to review and research. I would appreciate it if while you are waiting, you could please do the following for me:

    Please make an Uninstall List using HiJackThis.


    To access the Uninstall Manager you would do the following:

    • 1. Start HijackThis
      2. Click on the Config button
      3. Click on the Misc Tools button
      4. Click on the Open Uninstall Manager button.
      5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in a reply.

    As we work together to resolve your problem, please read these instructions carefully. You may wish to print them off or copy them to Notepad.

    Lastly, please keep these points in mind:
    • If you have questions, please DON'T hesitate to ask!
    • The instructions I give are specific to your current problem and should not be used on other systems.
    • Please post your replies only to this topic, and please DO NOT start a new thread.
    • Since there may be multiple issues with your system, please continue to follow this thread until I have given you an "All Clean!"

    I am reviewing your log now, and will be back with you shortly. Thank you for your patience.

    Regards Jason :)
     
  6. Jase123

    Jase123 Banned Posts: 1,012

    Congratulations 2468, Your Log appears to be clean!

    How is your system running? Are you still having problems?
     
  7. 2468

    2468 TS Rookie Topic Starter

    Its kind of hard to explain. Seems like someone been monitoring my internet activities and what I typed. I been playing this mmorpg for a while and quitted due to problems with some other players(the spyer). So I started playing another mmorpg and those same player is on there too and even know my in game name. I just did a system restore yesterday dont know if that helped. Thanks for the help.
     
  8. 2468

    2468 TS Rookie Topic Starter

    heres the list from the uninstall manager

    Ad-Aware 2007
    Adobe Reader 7.0
    AnyDVD
    AOL Instant Messenger
    Broadcom Management Programs
    Brother MFL-Pro Suite
    CloneDVD2
    Conexant D480 MDC V.9x Modem
    Dell Digital Jukebox Driver
    Dell Driver Reset Tool
    Dell Picture Studio v3.0
    Dell Support 3.1
    Digital Line Detect
    DivX
    DivX Content Uploader
    DivX Web Player
    DVD Decrypter (Remove Only)
    EagleEyeOS One, version: 3.0-hotfix-1
    EarthLink setup files
    FLV Player
    Google Toolbar for Internet Explorer
    HijackThis 2.0.2
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PROSet/Wireless Software
    Internet Explorer Default Page
    J2SE Runtime Environment 5.0 Update 1
    Jasc Paint Shop Photo Album 5
    Jasc Paint Shop Pro Studio, Dell Editon
    Java 2 Runtime Environment, SE v1.4.2_03
    Learn2 Player (Uninstall Only)
    LimeWire PRO 4.12.6
    Macromedia Flash Player
    Macromedia Flash Player 8
    McAfee SecurityCenter
    McAfee SiteAdvisor
    mCore
    mDrWiFi
    mHlpDell
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    mIWA
    mIWCA
    mLogView
    mMHouse
    Modem Helper
    Mozilla Firefox (2.0.0.6)
    mPfMgr
    mPfWiz
    mProSafe
    mSSO
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 Parser and SDK
    mToolkit
    Musicmatch® Jukebox
    mWlsSafe
    mXML
    mZConfig
    NetWaiting
    OtsTurntables Free 1.00.012
    PaperPort
    PowerDVD 5.6
    QuickBooks Simple Start Special Edition
    QuickTime
    RealPlayer
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901190)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB943460)
    Sonic DLA
    Sonic MyDVD LE
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Spybot - Search & Destroy
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx20 drivers.
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Viewpoint Media Player
    WebCyberCoach 3.2 Dell
    Windows Defender
    Windows Defender Signatures
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player 10
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB893086
    WingMan Software
    WinPatrol 2007
    WinRAR archiver
    WordPerfect Office 12
    Yahoo! Browser Services
    Yahoo! Toolbar for Internet Explorer
     
  9. Jase123

    Jase123 Banned Posts: 1,012

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Jason :)

    This thread is for the use of 2468 ONLY. Please do NOT post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. 2468

    2468 TS Rookie Topic Starter

  11. Daveskater

    Daveskater Banned Posts: 1,687

    Have these entries fixed:

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 216.129.105.10:8080

    O24 - Desktop Component 0: (no name) - (no file)

    It may be that somebody is "watching" you over the IP and port in the R1 entry, that's my guess for now anyway ;)

    Oh yeah, your AVG log is fine as it's only tracking cookies that have been quarantined so other then these two entries i think you'd be alright


    This thread is for the use of 2468 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  12. 2468

    2468 TS Rookie Topic Starter

    O24 - Desktop Component 0: (no name) - (no file) keeps coming back after i delete it.
     
  13. Daveskater

    Daveskater Banned Posts: 1,687

    Ok, do you have an Active Desktop set?

    Also, do you get popups about security alerts, not from windows?


    This thread is for the use of 2468 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  14. 2468

    2468 TS Rookie Topic Starter

    whats an active desktop set?

    Sometimes i get a popup about security alerts from my mcafee saying my computer is not protected.
     
  15. Daveskater

    Daveskater Banned Posts: 1,687

    an active desktop is when you set an internet object as your background, e.g. right clicking a picture and clicking "set as desktop background" from an internet browser


    This thread is for the use of 2468 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  16. evilfantasy

    evilfantasy Banned Posts: 428

    Go to Start -> Control panel -> Display Properties -> Desktop -> Customize Desktop... -> Web tab, then uncheck and delete everything you find in there (except for "My current home page"),

    Also remove the checkmark from the the Lock Desktop Items box if it is checked.
    Apply.
    Apply and Exit Display properties.

    Run HijackThis and check the 024 entry, if it still exists, and click Fix checked.
     
  17. 2468

    2468 TS Rookie Topic Starter

    oh, after doing the Viruses/Spyware/Malware, preliminary removal instructions, my desktop changed to a plain blue desktop.
     
  18. Daveskater

    Daveskater Banned Posts: 1,687

    That's probably just because you set your desktop background via the web.

    Have you done what evilfantasy said yet?


    This thread is for the use of 2468 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  19. 2468

    2468 TS Rookie Topic Starter


    there was nothing inside the web tab and the lock desktop items box was already unchecked.
     
  20. evilfantasy

    evilfantasy Banned Posts: 428

    Try turning off Spybots Tea Timer.

    McAfee may have it locked as well.

    First:
    * Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)
    * Choose Exit Spybot S&D Resident
    Second:
    * Open Spybot S&D
    * Click Mode, check Advanced Mode
    * Go To Left Panel, Click Tools, then also in left panel, click Resident
    * If your firewall raises a question, say OK
    * Uncheck the box labeled Resident Tea-Timer and OK any prompts.
    * Use File, Exit to terminate Spybot
    * Reboot your machine for the changes to take effect.
     
  21. 2468

    2468 TS Rookie Topic Starter

    still not going away.
     
  22. evilfantasy

    evilfantasy Banned Posts: 428

    Try deleting the entry in safe mode.

    * Restart the computer.
    * Before Windows loads start tapping the F8 key.
    * When you get to the boot menu, use the arrow keys to select Safe mode
    * Then Press Enter
    * The computer restarts in Safe mode.
     
  23. 2468

    2468 TS Rookie Topic Starter

    k that work thanks everyone.
     
  24. evilfantasy

    evilfantasy Banned Posts: 428

    Glad it worked.

    Go to Start > Run and copy and paste next command in the field:

    ComboFix /u

    [​IMG]

    Make sure there's a space between Combofix and /
    Then hit Enter.

    This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again


    [​IMG] Your Java is out of date
    Older versions have vulnerabilities that malware can use to infect your system. It is possible that you may be running Java code in your applications that absolutely require a specific version of the JRE to run. Please follow these steps to remove older version of Java components and update

    Updating Java:
    * Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    * Check for any item with Java Runtime Environment (JRE or J2SE) in the name.
    ** The latest version is Java 6 Update 3. Remove all other entries.
    * Click the Remove or Change/Remove button.
    * Repeat as many times as necessary to remove each of the Java versions.
    * Reboot your computer once all Java components are removed.

    * Download the latest version of Java Runtime Environment (JRE) 6
    * Click the Free Java Download button.
    * Click the Download Now button.
    * When the Software Installation dialog box opens. Click on the Install Now button.
    * Follow the prompts to complete installation.

    Safe surfing......
     
  25. 2468

    2468 TS Rookie Topic Starter

    i already tried to delete combofix, now when i try do the run thing it says windows cannot find combfix... will that be a problem?
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...