Windows Vista Forums

Help please: Hijack This logfile
  1. #1



    Newbie
    Join Date : Jan 2010
    Posts : 2
    Vista Home edition
    Local Time: 02:08 AM


    Hi guys. I was wondering if someone would be kind enough to help me with my laptop please? My email account and online bank account were recently hacked, so I'm absolutely freaked out and I'm terrified of using the internet to buy things/book holidays.

    I am running Vista home premium and my AV is Kaspersky 8.0.0.357 (which has obviously failed to do its job).

    This is my Hijack this log file:

    Code:
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:13:41 PM, on 24/1/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18865)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 DataModem HSDPA.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = VAIO Online
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: live-tv-software Toolbar - {9adbbe57-3893-4392-aed6-e6cc7ba3d6f5} - C:\Program Files\live-tv-software\tblive.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: live-tv-software Toolbar - {9adbbe57-3893-4392-aed6-e6cc7ba3d6f5} - C:\Program Files\live-tv-software\tblive.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: live-tv-software Toolbar - {9adbbe57-3893-4392-aed6-e6cc7ba3d6f5} - C:\Program Files\live-tv-software\tblive.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
    O4 - HKLM\..\Run: [E-Flyer] "C:\Program Files\Sony\E-Flyer\SubFlyer.exe"
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [HUAWEI 3G Data Card MTS] C:\Program Files\Huawei technologies\Huawei UMTS Data Card\3 DataModem HSDPA.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix: 
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A789E956-ACE4-4F41-B841-C5D1B7FE62E7}: NameServer = 172.31.140.69 172.30.140.69
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
    O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
    O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
    O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    --
    End of file - 11070 bytes
     
     
     
     
    I have also attached my AV logfile if needed:
     
    uninstaller.exe (events: 1) 
    24/1/2010 6:00:44 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    17/1/2010 9:57:01 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    17/1/2010 9:56:59 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    17/1/2010 1:41:28 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    11/1/2010 10:34:23 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    11/1/2010 10:07:09 PM Placed in group Trusted/Adobe Systems 
    uninstaller.exe (events: 1) 
    10/1/2010 3:54:42 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    10/1/2010 3:54:41 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    10/1/2010 3:54:40 PM Placed in group Trusted/Mozilla 
    uninstaller.exe (events: 1) 
    10/1/2010 12:02:36 AM Placed in group Trusted/Adobe Systems 
    uninstaller.exe (events: 1) 
    9/1/2010 6:46:14 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    9/1/2010 6:46:12 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:31:25 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:31:16 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:29:32 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:29:28 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:29:25 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 12:29:35 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 10:12:20 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 10:12:19 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    1/1/2010 3:18:59 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    11/1/2010 10:34:21 PM Placed in group Trusted/Microsoft 
    1/1/2010 3:18:58 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    30/12/2009 1:52:37 AM Placed in group Trusted/Mozilla 
    uninstaller.exe (events: 1) 
    24/1/2010 7:13:19 PM Placed in group Trusted/Trend Micro 
    30/12/2009 1:43:32 AM Placed in group Trusted/Trend Micro 
    uninstaller.exe (events: 1) 
    30/12/2009 1:43:28 AM Placed in group Trusted/Trend Micro 
    uninstaller.exe (events: 1) 
    30/12/2009 12:50:43 AM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    17/1/2010 1:11:17 PM Autorun Denied: KLPrivileges/KLSelfStart 
    16/1/2010 11:18:32 PM Autorun Denied: KLPrivileges/KLSelfStart 
    12/1/2010 9:20:06 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:09:23 AM Autorun Denied: KLPrivileges/KLSelfStart 
    9/1/2010 7:01:01 PM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 3:08:59 PM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 12:50:42 AM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    29/12/2009 3:38:58 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:38:03 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:28 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:36:54 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:35:00 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:34:40 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:34:38 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:16:52 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:16:51 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:04:01 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:03:58 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:00:22 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 9:50:08 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 9:45:53 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 9:45:51 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 9:44:34 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 9:44:31 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    10/1/2010 12:34:57 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:02:32 AM Autorun Denied: KLPrivileges/KLSelfStart 
    9/1/2010 6:26:31 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 12:32:52 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 10:10:43 AM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 3:07:17 PM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 12:27:34 AM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 10:50:28 PM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 2:16:39 AM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 1:01:32 AM Placed in group Trusted 
    28/12/2009 7:36:28 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    28/12/2009 7:35:40 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    28/12/2009 7:35:34 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    30/12/2009 1:01:30 AM Placed in group Trusted 
    28/12/2009 7:35:30 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    10/1/2010 12:35:50 PM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    10/1/2010 12:35:50 PM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    10/1/2010 12:06:24 AM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    10/1/2010 12:06:24 AM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    9/1/2010 6:30:17 PM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    2/1/2010 12:36:51 PM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    2/1/2010 12:36:51 PM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    2/1/2010 10:13:57 AM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    2/1/2010 10:13:57 AM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    2/1/2010 12:14:55 AM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    1/1/2010 3:09:56 PM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    1/1/2010 3:09:56 PM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    1/1/2010 12:29:51 AM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    30/12/2009 10:54:29 PM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    30/12/2009 2:21:02 AM Modification hklm\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9 Denied: KLSystemData/KLStartupRegKeys/WinSock2_Parameters 
    30/12/2009 2:21:02 AM Access to another process memory c:\windows\explorer.exe Denied: KLPrivileges/KLPermissionAppAccess/KLPermissionProcEmbed/KLReadProcMem 
    30/12/2009 1:01:30 AM Placed in group Trusted 
    28/12/2009 7:35:12 PM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    28/12/2009 7:34:32 PM Placed in group Trusted/Vendio Services 
    uninstaller.exe (events: 1) 
    28/12/2009 7:33:51 PM Placed in group Trusted/Vendio Services 
    uninstaller.exe (events: 1) 
    28/12/2009 7:33:31 PM Placed in group Trusted/DivX 
    uninstaller.exe (events: 1) 
    28/12/2009 7:32:53 PM Placed in group Trusted 
    uninstaller.exe (events: 1) 
    28/12/2009 7:23:35 PM Placed in group Trusted/Intervideo 
    uninstaller.exe (events: 1) 
    28/12/2009 5:27:40 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 5:23:31 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 5:23:29 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 5:34:03 PM Placed in group Trusted 
    uninstaller.exe (events: 1) 
    10/1/2010 4:03:59 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 4:01:35 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:34:57 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:03:20 AM Autorun Denied: KLPrivileges/KLSelfStart 
    9/1/2010 6:26:34 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 12:33:30 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 10:10:47 AM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 3:07:20 PM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 12:27:35 AM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 10:51:35 PM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 2:16:54 AM Autorun Denied: KLPrivileges/KLSelfStart 
    29/12/2009 5:32:35 PM Autorun Denied: KLPrivileges/KLSelfStart 
    29/12/2009 4:58:24 AM Autorun Denied: KLPrivileges/KLSelfStart 
    28/12/2009 10:15:43 PM Autorun Denied: KLPrivileges/KLSelfStart 
    28/12/2009 5:19:54 PM Autorun Denied: KLPrivileges/KLSelfStart 
    uninstaller.exe (events: 1) 
    29/12/2009 4:58:09 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:17:07 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:24 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    2/1/2010 10:12:23 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:59 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:36:19 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    10/1/2010 3:57:23 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    30/12/2009 1:49:22 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    28/12/2009 10:03:54 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:34:19 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:36:22 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    1/1/2010 3:19:00 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:46:59 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:06 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    10/1/2010 12:05:36 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:34 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    29/12/2009 3:37:28 AM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    24/1/2010 5:50:20 PM Autorun Denied: KLPrivileges/KLSelfStart 
    17/1/2010 1:07:59 PM Autorun Denied: KLPrivileges/KLSelfStart 
    11/1/2010 10:07:07 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 4:01:29 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:34:57 PM Autorun Denied: KLPrivileges/KLSelfStart 
    10/1/2010 12:02:44 AM Autorun Denied: KLPrivileges/KLSelfStart 
    9/1/2010 6:26:31 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 12:32:58 PM Autorun Denied: KLPrivileges/KLSelfStart 
    2/1/2010 10:10:44 AM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 3:07:17 PM Autorun Denied: KLPrivileges/KLSelfStart 
    1/1/2010 12:27:34 AM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 10:50:34 PM Autorun Denied: KLPrivileges/KLSelfStart 
    30/12/2009 2:16:38 AM Autorun Denied: KLPrivileges/KLSelfStart 
    uninstaller.exe (events: 1) 
    10/1/2010 12:01:33 AM Autorun Denied: KLPrivileges/KLSelfStart 
    uninstaller.exe (events: 1) 
    30/12/2009 2:16:40 AM Placed in group Low Restricted 
    uninstaller.exe (events: 1) 
    28/12/2009 9:46:07 PM Placed in group Trusted/Microsoft 
    uninstaller.exe (events: 1) 
    24/1/2010 5:49:55 PM Proactive Defense Task started 
    24/1/2010 5:49:55 PM Application Filtering Task started 
    24/1/2010 5:49:55 PM Firewall Task started 
    17/1/2010 1:07:20 PM Firewall Task started 
    17/1/2010 1:07:20 PM Proactive Defense Task started 
    17/1/2010 1:07:20 PM Application Filtering Task started 
    11/1/2010 10:05:48 PM Proactive Defense Task started 
    11/1/2010 10:05:47 PM Application Filtering Task started 
    11/1/2010 10:05:47 PM Firewall Task started 
    10/1/2010 4:01:05 PM Proactive Defense Task started 
    10/1/2010 4:01:05 PM Application Filtering Task started 
    10/1/2010 4:01:05 PM Firewall Task started 
    10/1/2010 12:25:56 PM Application Filtering Task started 
    10/1/2010 12:25:56 PM Proactive Defense Task started 
    10/1/2010 12:25:55 PM Firewall Task started 
    10/1/2010 12:01:30 AM Proactive Defense Task started 
    10/1/2010 12:01:30 AM Firewall Task started 
    10/1/2010 12:01:30 AM Application Filtering Task started 
    9/1/2010 11:50:38 PM Application Filtering Task started 
    9/1/2010 11:50:38 PM Proactive Defense Task started 
    9/1/2010 11:50:38 PM Firewall Task started 
    9/1/2010 6:05:37 PM Firewall Task started 
    9/1/2010 6:05:37 PM Proactive Defense Task started 
    9/1/2010 6:05:36 PM Application Filtering Task started 
    2/1/2010 12:27:21 PM Proactive Defense Task started 
    2/1/2010 12:27:21 PM Application Filtering Task started 
    2/1/2010 12:27:21 PM Firewall Task started 
    2/1/2010 1:34:16 AM Application Filtering Task started 
    2/1/2010 1:34:16 AM Proactive Defense Task started 
    2/1/2010 1:34:16 AM Firewall Task started 
    1/1/2010 3:05:10 PM Proactive Defense Task started 
    1/1/2010 3:05:10 PM Application Filtering Task started 
    1/1/2010 3:05:08 PM Firewall Task started 
    1/1/2010 12:15:16 AM Proactive Defense Task started 
    1/1/2010 12:15:16 AM Application Filtering Task started 
    1/1/2010 12:15:16 AM Firewall Task started 
    30/12/2009 10:50:08 PM Application Filtering Task started 
    30/12/2009 10:50:08 PM Firewall Task started 
    30/12/2009 10:50:08 PM Proactive Defense Task started 
    30/12/2009 2:11:10 AM Firewall Task started 
    30/12/2009 2:11:10 AM Proactive Defense Task started 
    30/12/2009 2:11:10 AM Application Filtering Task started 
    29/12/2009 5:31:18 PM Proactive Defense Task started 
    29/12/2009 5:31:18 PM Application Filtering Task started 
    29/12/2009 5:31:18 PM Firewall Task started 
    29/12/2009 3:32:35 AM Proactive Defense Task started 
    29/12/2009 3:32:35 AM Firewall Task started 
    29/12/2009 3:32:35 AM Application Filtering Task started 
    28/12/2009 10:03:08 PM Proactive Defense Task started 
    28/12/2009 10:03:08 PM Application Filtering Task started 
    28/12/2009 10:03:08 PM Firewall Task started 
    28/12/2009 5:18:47 PM Firewall Task started 
    28/12/2009 5:18:47 PM Application Filtering Task started 
    28/12/2009 5:18:47 PM Proactive Defense Task started




  2. #2
    pauliewalnuts

    Chief Flapajaw
    Join Date : Nov 2008
    Columbia, MD
    Posts : 278
    Vista Home Premium 64-bit
    Local Time: 10:08 PM

     

    Re: Help please: Hijack This logfile

    Is this the only computer you log in to and access your banking and email accounts, because nothing really sticks out here.

    Try the online BitDefender scan. You need a Java-enabled browser for this.


  3. #3
    mblack

    Member
    Join Date : Aug 2009
    Posts : 60
    Vista Home Premium 32bit
    Local Time: 08:08 PM


     

    Re: Help please: Hijack This logfile

    Nothing to worry about here, but I was just wondering: have you been in touch with Kaspersky and asked them to run some checks for you? Also, have you done a repair on your KIS 2009 or even updated to the 2010 version, as it is a free option depending on how long you have left on your license? I also think it's highly unlikely for KIS to have let you down, unless your databases weren't up to date!


  4. #4



    Newbie
    Join Date : Jan 2010
    Posts : 2
    Vista Home edition
    Local Time: 02:08 AM


      Thread Starter

    Re: Help please: Hijack This logfile

    Thanks for the reply, guys. The only other place I log into my email & banking is with my iPhone. Does anyone think that it may be the culprit? Having said that, I have logged into my email with the phone after resetting my password and don't seem to have a problem... I'm confused! My databases were always up to date but I'll definitely get the update and also get them to have a look as well.


  5. #5
    pauliewalnuts

    Chief Flapajaw
    Join Date : Nov 2008
    Columbia, MD
    Posts : 278
    Vista Home Premium 64-bit
    Local Time: 10:08 PM

     

    Re: Help please: Hijack This logfile

    Definitely. iPhones have been hacked, and they're actually, relative to PCs, quite easy to hack because their security encryption is worthless, particularly if your iPhone has been jailbroken, something that disables about 80 percent of the phone's "stock" security.
