[Ariesjill]

Hi,

My HJT started acting strangely yesterday. I had more entries than I am used to....often none. I selected those 2 put on Ignore and those 2 fix.....but it only half worked.

Just ran today's scan and C some of the same entries.....now can not put any on ignore list so they stick, or fix the others successfully.

I am sure I am not infected....just don't understand wut is wrong or wut 2 do. Will paste.....

Logfile of HijackThis v1.99.1
Scan saved at 2:09:45 AM, on 12/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


Maybe my HJT got tired or corrupted.
Thanks so much,
Jill

 

[Ariesjill]

Follow Up:

I think everything OK: deleted current HJT incl manually re residue, downloaded fresh one; ran all my scans, ran new HJT, found same stuff as I pasted; put most things I recognized as necessary on Ignore, fixed remaining couple/few.....but this time, everything worked normally; one I was in doubt about & left, naturally remained after second scan.

Have no clue re wut happened, but things now appear normal.

It's Christmas; generous pundits ought not be reading HJT logs anyhow!

If something breaks in new HJT, I & my Gremlins....will be back.

Thanks &......Merry!
Jill

 

[Ried]

Hi AriesJill,

HijackThis is a powerful tool. It does not fix anything on it's own, so there is no need to set any entries to 'Ignore', in fact, that could hinder our efforts should you ever need our services.

Do not fix anything in HijackThis unless under the guidance of a Security Analyst as many entries are legit and necessary for the proper operation of your system.

Use your Anti-Malware programs ie, Spybot, AdAware, AVG A-S, etc., for general cleaning and scanning purposes--not HijackThis. :smile:

Happy Holidays to you. :grin:

 

[Ariesjill]

Thank U, Ried

Hi Ried!ray: :grin:

First Happy, Healthy, Merry 2 U as well!!!

Now, as it emerged in earlier thread n this forum, given nobody told me not to, after finding and downloading HJT over a year ago, I read, & ran/run it myself, configure it myself, and so far, have apparently used sane judgement re which entries are necessary & not trying to carry my systems away to someplace I would rather eat worms than go to.

Same deal with suspicious items and precluding them re fix.

Again, over tme, I have carefully tested every single anti mal on planet.....and evolved my armamentarium meticulosly....and it is work in progress. (Like life, OK?) Have also learned about SnoopFree on this precious site and it has been major addition to the artillery stash; my new KB had logger in it!!! OMG. On other hand.....were I to have problems with this syste3m, ran HJT and saw tons of stuff....I would not touch anything, but post log 4 the Real Analysts who contribute here to give expert take; I know my limitations!!! (sometimes)

I posted, beccause the usual options in my existing copy of HJT were not functioning properly....I've never been seriously infected in any system so far.....but deleting and downloading fresh copy of HJT put things right.

Again, to be moroncally low tech, I think my original copy got "tired" or corrupted, but I should also boot into my backupdrive to check that before I update it with XXClone.

I knew I wasn't infected, but there was something totally wrong.....and maybe my instinct to do the above was just.....well, good instinct!!!

I will attach shot of my current desktop desktop (not lappy desktop) and U will C I have all the anti utiities I need....and having been tester over months on and still stunned by the final version of advanced Windows Care.....I have now deleted both Spybot and Ad-Aware.....I tested over time and they nevah picked up anything AWC does not.....though I retain utilities, both freewares and licensed/bought & paid 4.....which do. Anti icons on right of desktop.

Thanks for taking the time, Ried....hopefully not from your lappy at an airport or any celebration!!!!:wave:

Jill (This now appears resolved!)