
Example of a clean HijackThis Logfile

This log was generated on a brand new HP Compaq nx5000 notebook. You can use it as a baseline when reviewing your own logfile.

Scan saved at 11:10:27 AM, on 2/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Toh\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = website: hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = website: hp.com /

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SSC_UserPrompt] c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKCU\..\Run: [HP Mobile Printing] C:\Program Files\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_02\bin\npjpi142_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=website: hp.com

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: HP WMI Interface - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

 

