System Unstable Hijackthis Log Enclosed..

Sep 1, 2005

Hello there after lots of previous problem with my pc. I have formated my PC and though running ok whenever i access Security Centre or the Control Panel neither will respond. Please help. H Here is the Hijack this log file....

Logfile of HijackThis v1.99.1
Scan saved at 14:56:23, on 01/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSzHotkey.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesDigital Media Readershwiconem.exe
C:WINDOWSALCWZRD.EXE
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
C:WINDOWSsystem32
undll32.exe
C:WINDOWSexplorer.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1PAULSM~1LOCALS~1TempTemporary Directory 1 for hijackthis[1].zipHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://news.bbc.co.uk/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.msn.co.uk
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM..Run: [CHotkey] zHotkey.exe
O4 - HKLM..Run: [ShowWnd] ShowWnd.exe
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [SunKistEM] C:Program FilesDigital Media Readershwiconem.exe
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2in
pjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2in
pjpi142.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.co.uk
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} (Anark Client 3.0 ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:Program FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:WINDOWSSYSTEM32slserv.exe

View 14 Replies


ADVERTISEMENT

Switch Between Sp2 And Sp1 - Unstable System

Aug 29, 2005

I am getting random crashes, lock-ups, reboots, you name it. I have had to type this message on wordpad rather than in IE because it will freeze up within seconds. (This site is worse than others for some reason). I recently done a fresh install on my machine so there is very little on it. I have a 160gb sata drive and on 100gb of it I have windows xp sp2 installed and the remaining I have xp sp1 installed so I can switch between the two.

View 1 Replies View Related

OS Unstable - Install Fax - System Restore

Jul 31, 2010

Recently my OS XP Pro has been acting a little strange, when I start it up a installer has been popping up trying to install a fax, which I do cancel before it can install. Also I tried using System Restore and the restore process starts and gets about 1/3 of the way on the progress bar and restarts my PC and says “your system can not be restored”. I have went to Microsoft knowledge base of known problems w/SR and have tried all the different scenarios and get the same result each time. I have a feeling that I have been hijacked. I am including scans from MalewareBytes and Hijack This.

View 14 Replies View Related

Tried Putting A Single 2 GB RAM - The System Became Unstable

Jul 26, 2010

I have three querries,

(1) my desktop configuration is ASUS motherboard P5KPL AM/PS, with pentium (R) dual core CPU 2.7 GHz, 320 GB hard disk, 1 GB DDR2 RAM and NVIDIA getForce 8400 GS. My question is when i tried putting a single 2 GB RAM, it was showing error and the system became unstable. What could be the reason?

View 2 Replies View Related

System Unstable - BSODs - Disabled IDE Controllers

Oct 14, 2006

I've had this ax8 board for some time. Previously, I'd been using an av8. Here's a run down of what I've experienced. With all the default devices enabled in bios, random irq/driver irq not less than or equal BSOD's. Disabled on board FDC, still bsods. Disabled onboard LAN, still bsods. Disabled IDE controllers, still BSOD's. I've tried a pcie and pci card, still bsods. Tried SATA 3&4, still BSODs. I replaced my USB keyboard/mouse with an old ps/2 keyboard and mouse, unplugged my usb headset, and it hasn't crashed since.

View 4 Replies View Related

System Unstable And Crashing - Update - Antivirus Protection

Aug 16, 2005

os keeps getting error messages such as system is unstable and it is crashing on a regular basis when he goes on the internet. he doesnt update his windows on a regular basis and he does not have very good antivirus protection, so i have unplugged his modem for the time being to stop him getting into more trouble. he has reformatted his drive twice in the last 2 weeks so i want to install avg antivirus, spywareblaster, spybot, and the latest version of ad-aware(as he only has an older version) before he plugs his modem back in, then update every thing, and run scans using the programs listed above. am i doing the right thing? and how do i go about wiping his hard drive so i can re-install his windows.

View 3 Replies View Related

Slow System, Hijackthis Log Found

Dec 3, 2004

My computer is very slow, so I run a Hijackthis on it. Figured you guys could tell me what to have fixed.

View 2 Replies View Related

Real Slow System, Help With Hijackthis Log

Dec 22, 2004

My system is incredibly slow opening programs. Real slow! Could someone take a look at my HJT log and see if anything is there?

View 4 Replies View Related

IE 8 Unstable - Copy And Paste

Apr 13, 2010

I am running XP Pro with IE8, there is a problem when I attempt to copy and paste, I can put the pointer on where I want to start highlighting and it will not follow the movement of the mouse when attempting to highlight. You can put the pointer on a sentence and hold the mouse while sliding and it will not highlight, or it may start highlighting somewhere in the middle or maybe not at all. I have tried from bottom up and top down, it makes no difference, this is driving me crazy because I use the copy and paste feature quite often. I've never had this happen before, something appears to be conflicting; but I've been running the same programs for a long period of time and never seen this before.

View 13 Replies View Related

Unstable CPU Usage - Waiting

Sep 4, 2007

i have noticed when you Ctrl-Alt-Del my cpu usage goes from 10% to 90% every 30 secs or so and will not stop a steady line up and down no matter what i am doing i could even be setting idle and still persist

View 4 Replies View Related

Stystem Unstable Trying To Install SP2

Mar 31, 2008

i've recently connected to the internet via broadband, so purchased Norton Internet Security 2008. When trying to install that I was informed I needed to update Windows to XP Service pack 2. (the pc is at least 5 years old, purchased by my wife before we married). I tried this, but eventually a message came up - "Did not install - system unstable". So I did what it said and Uninstalled. But now I'd be very grateful for any advice, ie what does this mean, how can I get the system to be "stable" and thefore install SP2 and therefore Norton Security.In the meantime I'm worried about going on line ( I am sending this from a library) due to being exposed to viruses, spyware etc. A message has already come up about having spyware (but I think this was removed after downloading anti-spyware from yahoo).

View 7 Replies View Related

Blue Screen - Unstable And IE6 Shut Down Frequently

May 27, 2006

Frequently am working and then get the "blue screen" filled with "if this is the first time you've gotten this screen. maybe virus, I don't think I have virus issues since I just repartitioned my whole HD and just loaded up a new copy of Windows XPSP2. Still I get this screen frequently. I also get iE6 wanting to shut down periodically (it says it's sorry........) and that is real frustrating.......plus it struggles with add-ons....maybe I should reinstall IE6.All this coupled with my inability to take up my NAV2004 program makes for a fun day. Compag not that old and as I say new XP.

View 5 Replies View Related

Low Memory - Configuration - Unstable Behavior In The Network

Nov 11, 2006

I have received this message from PC-Cillin "detected unstable behavior in the network, hardware, operating system, or another app. and automatically reverted to it's last know configuration ". I have also received a low memory message. This is a brand new system I built with a good MSI board , i gig of Kingston mem. After the PC-Cillin message and reboot It is running stable. When it wasn't you could not do any thing especially online with numerous pages open up. Very strange behavior. I am running Sunbelts Counterspy which is a very good anti spyware program and running the XP Firewall. This seems to be a program draining the PC and not spyware because very little surfing was done. I will uninstall Counterspy to see if there is a memory leak.

View 1 Replies View Related

Display Properties - Unstable Icon And Window Sizes Changing

Apr 6, 2006

Am having a problem with Display Properties in WinXP-2. During the first 5 minutes after boot-up, screen resolution on my desk top is unstable with icon and window sizes changing from large to small and vice-versa. Resetting the Display Properties during this time has no effect. When the system warms up the problem is gone. Can the Monitor itself be the problem, or is it most likely the Video Card? I don't have another monitor to use as a test unit.

View 3 Replies View Related

Hijackthis Help!!

Aug 30, 2005

Spybot Search & Destroy found abetterinternet.aurora and wwwcoolsearch. I have attached my information from hijackthis and hope someone can help me get rid of this.

Thanks in advance for any help.

Logfile of HijackThis v1.99.1
Scan saved at 8:11:53 PM, on 8/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32cisvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:WINDOWSsystem32RioMSC.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
c:PROGRA~1mcafee.comvsomcshield.exe
C:WINDOWSExplorer.EXE
C:Program FilesMcAfeeMcAfee AntiSpywareMssCli.exe
C:PROGRA~1mcafee.comvsomcvsshld.exe
C:PROGRA~1mcafee.comagentmcagent.exe
C:Program FilesMcAfeeMcAfee Shared ComponentsGuardianCMGrdian.exe
C:WINDOWSBCMSMMSG.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:PROGRA~1mcafee.comvsomcvsescn.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
C:WINDOWSSystem32mhbj99d7.exe
C:WINDOWSSystem32hkcmd.exe
C:WINDOWSsystem32
undll32.exe
C:WINDOWSsystem32
undll32.exe
C:Program FilesRoxioEasy CD Creator 5DirectCDDirectCD.exe
C:Program FilesDell SupportDSAgnt.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32cidaemon.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dellnet.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yahoo.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = about:blank
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = http://localhost
R3 - URLSearchHook: (no name) - _{4FC95EDD-4796-4966-9049-29649C80111D} - (no file)
R3 - URLSearchHook: (no name) - _{0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {02B87ED9-9E43-E09C-1AC4-92BC697FB39C} - blank (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {07B87EDB-9E32-97EC-1AC6-9ABC1C7BB39B} - blank (file missing)
O2 - BHO: (no name) - {1FFB474E-FAFE-F077-D4EC-F80A070CA69D} - blank (file missing)
O2 - BHO: (no name) - {2FD6774C-D7BC-B233-F9DE-C02742388BAA} - blank (file missing)
O2 - BHO: (no name) - {37954ED9-B370-D5A8-37F4-A291594F9EAC} - blank (file missing)
O2 - BHO: (no name) - {3CAB4059-E440-2BC1-8156-6C5578F07B1F} - blank (file missing)
O2 - BHO: (no name) - {3FFD1251-E967-0AE8-D256-64550DA57A4C} - blank (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {5C8D9187-322B-5FA8-3FFF-775C454EACAD} - blank (file missing)
O2 - BHO: SDWin32 Class - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - blank (file missing)
O2 - BHO: MyBHOSpy Class - {C52CBAEC-D969-4635-9F50-426CC15CE463} - C:WINDOWSSystem32416881af.dll
O2 - BHO: (no name) - {CB266942-87D6-FA5E-D33D-884DF6F17C95} - blank (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [_AntiSpyware] C:Program FilesMcAfeeMcAfee AntiSpywareMssCli.exe
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask
O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe"
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [McAfee Guardian] "C:Program FilesMcAfeeMcAfee Shared ComponentsGuardianCMGrdian.exe" /SU
O4 - HKLM..Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe
O4 - HKLM..Run: [msresearch] C:WINDOWSmsresearch.exe
O4 - HKLM..Run: [mmtask] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [mhbj99d7] C:WINDOWSSystem32mhbj99d7.exe
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM..Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM..Run: [AdaptecDirectCD] "C:Program FilesRoxioEasy CD Creator 5DirectCDDirectCD.exe"
O4 - HKCU..Run: [DellSupport] "C:Program FilesDell SupportDSAgnt.exe" /startup
O4 - HKCU..Run: [AIM] C:PROGRA~1AIMaim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRA~1AIMaim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me.../bridge-c9.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/ga...mmon/ieell.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...4/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...21/mcgdmgr.cab
O16 - DPF: {C8BAC37C-A8D2-425E-B7FC-80B9537FB14A} - http://www.spyblast.com/download/SBFullSInst.cab
O16 - DPF: {D97287B6-4018-4060-948D-54D2122FC5C3} - http://www.fastfind.org/ss/client/52...3C00/setup.exe
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: Iomega App Services - Iomega Corporation - C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:WINDOWSsystem32RioMSC.exe

View 6 Replies View Related

HijackThis Scan

May 22, 2005

MY computer is running slow. I have a cable connection with Charter. I run McAfee firewall and antivirus, Spybot Search and Destroy, Ad-Aware SE Personal, Ace Utilities, WinASO Disk Clearner, Error Nuker and Executive Software to defrag.

I just downloaded HijackThis and ran it. Here is the print out:


Logfile of HijackThis v1.99.1
Scan saved at 7:31:57 PM, on 5/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:PROGRA~1mcafee.comagentmcagent.exe
C:PROGRA~1mcafee.comvsomcvsshld.exe
C:Program FilesMicrosoft IntelliPointpoint32.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe
C:Program FilesKitcoKcastKcast.exe
C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFAGENT.EXE
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32gearsec.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wdfmgr.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
c:PROGRA~1mcafee.comvsomcshield.exe
C:WINDOWSSystem32alg.exe
C:Program FilesAIM95aim.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsKathieLocal SettingsTemporary Internet FilesContent.IE58F6J056JHijackThis1991[1].exe

O1 - Hosts: 127.98.9.2 pop-server.charter.net.b9
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:Program FilesDragon SystemsNaturallySpeakingProgramweb_ie.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D7EE-FE6FA781BF33} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe"
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft IntelliPointpoint32.exe"
O4 - HKLM..Run: [MPFExe] C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
O4 - HKCU..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /0
O4 - HKCU..Run: [b9] "C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe" /minimize
O4 - HKCU..Run: [KITCO] C:Program FilesKitcoKcastKcast
O4 - HKCU..RunOnce: [DelayShred] "C:Program FilesMcAfeeMcAfee Shared ComponentsShredderSHRED32.EXE" /q C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3SEARCH~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5ATL2BALO3120-2~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3DDL_1~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5I9QV8LM1�_1793~1.SH!
O4 - Startup: AntiSpam.lnk = C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &Check Spelling - res://C:Program FilesieSpellieSpell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:Program FilesieSpellieSpell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIM95aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O12 - Plugin for .UVR: C:Program FilesInternet ExplorerPluginsNPUPano.dll
O16 - DPF: Yahoo! MLB StatTracker - http://aud3.sports.dcn.yahoo.com/java/y/mlbst8408_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud14.sports.sc5.yahoo.com/j...lgcst1010_x.cab
O16 - DPF: Yahoo! NHL StatTracker - http://aud7.sports.yahoo.com/java/y/nhlst8244_x.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon...oad/tgctlar.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1493507C-8A33-4747-8696-9019F8962B5F} (QCV6C020.Install) - http://www.quickcleaner.com/qkc11/cab/QCV6C020.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yah...nst20040510.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/s...84/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12fde57...ip/RdxIE601.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k00719/sb02a.cab
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars...erxsigned35.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yah.../yse/ymmapi.dll
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/s...,21/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/be...aploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/i...430/mcfscan.cab
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:WINDOWSsystem32gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

View 6 Replies View Related

HijackThis Scan

Apr 2, 2006

My computer may have been affected by a trojan by some site, but firefox may have forbidded that site, i did my scans and things look fine but i just wanna make sure and be on the safe side. Here is my Hijack This log

Logfile of HijackThis v1.99.1
Scan saved at 12:16:06 PM, on 4/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesNorton AntiVirus
avapsvc.exe
C:Program FilesNorton AntiVirusIWPNPFMntor.exe
C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesiPodiniPodService.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesHijackThisHijackThis.exe

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.gatewaybiz.com
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.gateway.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: CBHOBJObj Object - {8A406068-D45C-40B9-A096-38AC717FB608} - C:WINDOWSBHOBJ.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [PlaxoUpdate] C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe -a
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitechVideoManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 3.0
esourcesen-USlocalsearch.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe

View 13 Replies View Related

Minor Hijackthis Log

Dec 28, 2004

We are having some minor problems with a system at work. I was wondering if someone knowledgable about these logs would take a look at it, and see if anything stands out, or needs fixed.

View 8 Replies View Related

100% CPU Usage - HijackThis Log

Mar 28, 2005

I've been having problems with my CPU Usage being around or at 100% for the past few days. Tried spybot and that didn't help. Here is my HijackThis log.

View 4 Replies View Related

Quot - HijackThis Quo

May 29, 2008

Excuse my ignorance but could someone explain what this program is and what does it do?

View 8 Replies View Related

Hijackthis Error?

Mar 16, 2005

Done multiple virus scans with Norton, scanned with ad-aware SE, spybot s&d, re-upgraded the xp pro install. For some reason, Yahoo Instant Messenger, MSN Messenger, Internet Explorer, and Hijackthis, all crash immediately when opened, and give me that stupid blahblahblah has caused a problem and needs to close. Also, trillian has the same problem, as does OE when trying to check my MSN and hotmail accounts, but works fine for my pop3 accounts. AIM works fine, as does firefox. I haven't recently installed or changed anything. I have done 2 system restores, and all attempts to un-install, re-install these programs has failed with the install wizard closing due to some insane problem.

View 8 Replies View Related

Reviewing The HijackThis V1.99.1/ Explorer V6.00?

Jul 9, 2005

Logfile of HijackThis v1.99.1 Scan saved at 9:12:14 PM, on 7/9/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000)

View 3 Replies View Related

Slow Machine -hijackthis Log

Apr 26, 2007

xp pro toshiba laptop has slowed to a crawl. have run the gamut of virus scans, ad aware, spybot, and other attempts to find the issue.

View 9 Replies View Related

Winfixer Problem - Hijackthis Log

Sep 2, 2005

For the past day I've been getting popups from winfixer. I did a system restore to a few days back and the problem was still there. Nortan internet security / anti-virus isn't picking up anything. Ad aware doesn't see anything.

View 1 Replies View Related

Spyware Issues, Hijackthis Log

Dec 23, 2004

Can someone please review this log and inform me what I need to do to clean things up. I use Spybot Search & Destroy but still have spyware issues on my pc. Also keep getting a RUNDLL error and winups.dll errors everytime I log onto the PC.

View 2 Replies View Related

HijackThis V1.98.2 - Messed My Comp

Jun 7, 2005

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...43a6e253a2dae7

View 1 Replies View Related

HijackThis V1.99.1: PC Slow/ Clean Or Check?

Jun 8, 2006

my computer is really slow how to clean or check my HJT log? Logfile of HijackThis v1.99.1

View 4 Replies View Related

Reviewing & Cleaning HJT Logfile Of HijackThis V1.99.1?

Mar 27, 2005

i am not be able to reviewing & cleaning HJT Logfile of HijackThis v1.99.1 how to do that?

View 7 Replies View Related

Adware Problem,need Analysis Of Hijackthis Log

Feb 16, 2007

Tried ad-aware, spybot, spyware doctor etc. to no avail. Need analysis of hijackthis log.

View 2 Replies View Related

Cleaning Possible Vundo/Virtumonde/Downloader ASN.HijackThis Log

Jan 17, 2006

Ran into some virus fun,I think it is gone. I ran vundofix.exe; symantec's vundo fix; virtumonde fix from symantec; trojanhunter; hijackthis; winpatrol; spysweeper; (some in safe mode). And removed a BHO for winlogon.exe with the mljgd.dll. That doesn't exist anymore,

HijackThis Log.

j.

Logfile of HijackThis v1.99.1
Scan saved at 10:36:39 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesJavaj2re1.4.2_03injusched.exe
C:windowssystemhpsysdrv.exe
C:HPKBDKBD.EXE
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSAGRSMMSG.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb04.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:WINDOWSsystem32hphmon03.exe
C:WINDOWSALCXMNTR.EXE
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:Program FilesMcAfee.comVSOmcvsshld.exe
C:Program FilesMcAfee.comVSOoasclnt.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1mcafee.comagentmcagent.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesWebrootSpy SweeperWRSSSDK.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesAdobeAcrobat 7.0ReaderAcroRd32.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Documents and SettingsHP_OwnerDesktopprocexp.exe
C:Program FilesJavaj2re1.4.2_03injucheck.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesMcAfee.comPersonal FirewallMpfTray.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
C:WINDOWSsystem32msiexec.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsHP_OwnerDesktophijackthisHijackThis.exe

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:program filesmcafee.commpspopupkiller.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HPHUPD06] c:Program FilesHP{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}hphupd06.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [Reminder] "C:WindowsCreatorRemind_XP.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb04.exe
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHPHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HPHmon03] C:WINDOWSsystem32hphmon03.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe" /checktask
O4 - HKLM..Run: [VirusScan Online] C:Program FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /startintray
O4 - HKLM..Run: [THGuard] C:Program FilesTrojanHunter 4.2THGuard.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imaginginhpqtra08.exe
O8 - Extra context menu item: Add To HP Organize... - C:PROGRA~1HEWLET~1HPORGA~1incore.hp.mainSendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06in
pjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06in
pjpi150_06.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:Program FilesHelloPicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:Program FilesHelloPicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1097093077531
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/inst...l/pinstall.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?322
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:WINDOWSSYSTEM32WRLogonNTF.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: Pml Driver - HP - C:WINDOWSsystem32HPHipm09.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:Program FilesWebrootSpy SweeperWRSSSDK.exe

View 6 Replies View Related

HijackThis Log & Ad Aware Log - Websites Wont Open

Apr 2, 2005

My desktop wallpaper changed and won't change back and all my folders and things that were on my desktop are gone, but when I search for them it says that they are on my desktop and I can't right-click on anything. And if I make a new folder it doubles. And certain websites won't open for me (mail.com, lavasoft support boards, and urbanoutfitters.com). I've run Norton, Spybot, Ad-Aware,and Ad-Away.

Logfile of HijackThis v1.99.1
Scan saved at 4:55:58 PM, on 4/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe................

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved