Slow Machine -hijackthis Log
Apr 26, 2007xp pro toshiba laptop has slowed to a crawl. have run the gamut of virus scans, ad aware, spybot, and other attempts to find the issue.
View 9 Repliesxp pro toshiba laptop has slowed to a crawl. have run the gamut of virus scans, ad aware, spybot, and other attempts to find the issue.
View 9 Repliesmy computer is really slow how to clean or check my HJT log? Logfile of HijackThis v1.99.1
My computer is very slow, so I run a Hijackthis on it. Figured you guys could tell me what to have fixed.
View 2 Replies View RelatedMy system is incredibly slow opening programs. Real slow! Could someone take a look at my HJT log and see if anything is there?
View 4 Replies View Relatedmy pc is running especially slow. it appears to be free from any viruses or spyware i run avg, adaware and spybot alongside symantec corporate edition antivirus and all scans come through as normal. any ideas what could be causing this? i know this is a bit vague.
View 2 Replies View Relateda classic slow responding computer, complete with slow opening of browser, choppy videos (buffering related I guess) on Windows Media Player 10 and general sluggishness all around. I'm careful to keep up to speed on my Spybot and Ad-aware SE programs and run my McAfee virus program regularly. They all have appeared to run clean. At the most recent startup before this writing, Task Manager told me there were 53 processes going on. Is that way too much.?
View 14 Replies View Relatedthe PC that I'm using (Dell 4600) is a great little machine, but it has many issues: very slow (despite 3.2GHz processor and 2G RAM), has noise in its core audio, and its HDD fragments too often to be useful for video editing. No biggie - so here's my question: For XP, what would be the best machine out there for audio and video work? I feel that my current machine's bottlenecks and other difficulties coul be residing within its motherboard, hence, my consideration for a possible replacement. If there are any good experiences out there, I'd like to know of them, be they with manufactured PCs as well as ones built part by part (names of motherboard manufactures would be great).
View 7 Replies View RelatedI have a Dell Dimension 9100 with 3GHz Pentium 512MB ram, running windows XP. It was top-of-the-line when I bought it, but is now about 4 years old. Over time, the machine has been running slower and slower, especially since I run Apple's itunes, and firefox, which I assume are resource hogs from looking at the Task Manager's processes tab. Lately, it has taken forever for the machine to load windows, or wake up from sleep. Nothing dramatic or noticeable that I could point to, just a gradual slowing down. I always attributed it to an aging computer and lack of memory. So this week, I purchased 2 GB of additional RAM. I've correctly installed it and confirmed, from MyComputer System Properties, that I now have 2.5 GB of RAM installed. I was expecting a big change in speed, but there doesn't seem to be that much of a difference. I have Symantec FireWall and AntiVirus running, ( it was original to the system) and am afraid to remove it.About a year ago, under advice of an IT friend, I also installed AVG and Spybot Search&Destroy.
View 14 Replies View RelatedRecently, my computer's startup in Windows XP has been getting slower and slower, the first loading screen takes a little while, but the most annoying part is that once I'm inside Windows, everything appears loaded, except for the icons in the taskbar, and I cannot click on the Start button or do anything, I must wait for the entire system to finish loading before I can do anything. I don't have many programs in my startup either.
View 12 Replies View RelatedToshiba M50 XP Machine is very slow to boot up, and it then takes at least 5 minutes for Firefox to open after that.Every scan I run gives the machine a clean bill of health, and often congratulates me on the machine being fully clean.Just today I added HDD Health, and that gives a report of excellent health, and a 100% rating, even though the machine is getting on for 5 years old.When I look at Task Manager Processes during the long boot up it says "not responding".I am with Eircom Broadband, and my Eircom Mail, using Thunderbird, says that it cannot contact server.I can get the mails on other machines - Win 7 or Vista
View 14 Replies View RelatedMy emachine is running so slow that you have to wait for the START key to respond! I ran adaware and spybot, they found data miners, ad programs etc. I also renewed the mcaffe program lately which has caused additional slowdown
View 2 Replies View RelatedCan I copy the data of remote desktop to my Local machine.
View 1 Replies View RelatedSpybot Search & Destroy found abetterinternet.aurora and wwwcoolsearch. I have attached my information from hijackthis and hope someone can help me get rid of this.
Thanks in advance for any help.
Logfile of HijackThis v1.99.1
Scan saved at 8:11:53 PM, on 8/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32cisvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:WINDOWSsystem32RioMSC.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
c:PROGRA~1mcafee.comvsomcshield.exe
C:WINDOWSExplorer.EXE
C:Program FilesMcAfeeMcAfee AntiSpywareMssCli.exe
C:PROGRA~1mcafee.comvsomcvsshld.exe
C:PROGRA~1mcafee.comagentmcagent.exe
C:Program FilesMcAfeeMcAfee Shared ComponentsGuardianCMGrdian.exe
C:WINDOWSBCMSMMSG.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:PROGRA~1mcafee.comvsomcvsescn.exe
C:Program FilesJavajre1.5.0_02injusched.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
C:WINDOWSSystem32mhbj99d7.exe
C:WINDOWSSystem32hkcmd.exe
C:WINDOWSsystem32
undll32.exe
C:WINDOWSsystem32
undll32.exe
C:Program FilesRoxioEasy CD Creator 5DirectCDDirectCD.exe
C:Program FilesDell SupportDSAgnt.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32cidaemon.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesHijackThisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.dellnet.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.yahoo.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = about:blank
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = http://localhost
R3 - URLSearchHook: (no name) - _{4FC95EDD-4796-4966-9049-29649C80111D} - (no file)
R3 - URLSearchHook: (no name) - _{0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file)
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {02B87ED9-9E43-E09C-1AC4-92BC697FB39C} - blank (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {07B87EDB-9E32-97EC-1AC6-9ABC1C7BB39B} - blank (file missing)
O2 - BHO: (no name) - {1FFB474E-FAFE-F077-D4EC-F80A070CA69D} - blank (file missing)
O2 - BHO: (no name) - {2FD6774C-D7BC-B233-F9DE-C02742388BAA} - blank (file missing)
O2 - BHO: (no name) - {37954ED9-B370-D5A8-37F4-A291594F9EAC} - blank (file missing)
O2 - BHO: (no name) - {3CAB4059-E440-2BC1-8156-6C5578F07B1F} - blank (file missing)
O2 - BHO: (no name) - {3FFD1251-E967-0AE8-D256-64550DA57A4C} - blank (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {5C8D9187-322B-5FA8-3FFF-775C454EACAD} - blank (file missing)
O2 - BHO: SDWin32 Class - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - blank (file missing)
O2 - BHO: MyBHOSpy Class - {C52CBAEC-D969-4635-9F50-426CC15CE463} - C:WINDOWSSystem32416881af.dll
O2 - BHO: (no name) - {CB266942-87D6-FA5E-D33D-884DF6F17C95} - blank (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 - HKLM..Run: [_AntiSpyware] C:Program FilesMcAfeeMcAfee AntiSpywareMssCli.exe
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask
O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe"
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [McAfee Guardian] "C:Program FilesMcAfeeMcAfee Shared ComponentsGuardianCMGrdian.exe" /SU
O4 - HKLM..Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_02injusched.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe
O4 - HKLM..Run: [msresearch] C:WINDOWSmsresearch.exe
O4 - HKLM..Run: [mmtask] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [mhbj99d7] C:WINDOWSSystem32mhbj99d7.exe
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM..Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM..Run: [AdaptecDirectCD] "C:Program FilesRoxioEasy CD Creator 5DirectCDDirectCD.exe"
O4 - HKCU..Run: [DellSupport] "C:Program FilesDell SupportDSAgnt.exe" /startup
O4 - HKCU..Run: [AIM] C:PROGRA~1AIMaim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_02in
pjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:PROGRA~1AIMaim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me.../bridge-c9.cab
O16 - DPF: {33288993-5664-11D4-8B5B-00D0B73B3518} (ell Class) - http://www.easports.com/downloads/ga...mmon/ieell.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...4/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...21/mcgdmgr.cab
O16 - DPF: {C8BAC37C-A8D2-425E-B7FC-80B9537FB14A} - http://www.spyblast.com/download/SBFullSInst.cab
O16 - DPF: {D97287B6-4018-4060-948D-54D2122FC5C3} - http://www.fastfind.org/ss/client/52...3C00/setup.exe
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: Iomega App Services - Iomega Corporation - C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:WINDOWSsystem32RioMSC.exe
MY computer is running slow. I have a cable connection with Charter. I run McAfee firewall and antivirus, Spybot Search and Destroy, Ad-Aware SE Personal, Ace Utilities, WinASO Disk Clearner, Error Nuker and Executive Software to defrag.
I just downloaded HijackThis and ran it. Here is the print out:
Logfile of HijackThis v1.99.1
Scan saved at 7:31:57 PM, on 5/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:PROGRA~1mcafee.comagentmcagent.exe
C:PROGRA~1mcafee.comvsomcvsshld.exe
C:Program FilesMicrosoft IntelliPointpoint32.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe
C:Program FilesKitcoKcastKcast.exe
C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFAGENT.EXE
C:Program FilesExecutive SoftwareDiskeeperDkService.exe
C:WINDOWSsystem32gearsec.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wdfmgr.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32fxssvc.exe
c:PROGRA~1mcafee.comvsomcshield.exe
C:WINDOWSSystem32alg.exe
C:Program FilesAIM95aim.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsKathieLocal SettingsTemporary Internet FilesContent.IE58F6J056JHijackThis1991[1].exe
O1 - Hosts: 127.98.9.2 pop-server.charter.net.b9
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: DgnWebIE - {2843DAC1-05EF-11D2-95BA-0060083493D6} - C:Program FilesDragon SystemsNaturallySpeakingProgramweb_ie.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D7EE-FE6FA781BF33} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn1ycomp5_6_0_0.dll
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [VirusScan Online] "c:PROGRA~1mcafee.comvsomcvsshld.exe"
O4 - HKLM..Run: [VSOCheckTask] "c:PROGRA~1mcafee.comvsomcmnhdlr.exe" /checktask
O4 - HKLM..Run: [IntelliPoint] "C:Program FilesMicrosoft IntelliPointpoint32.exe"
O4 - HKLM..Run: [MPFExe] C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
O4 - HKCU..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /0
O4 - HKCU..Run: [b9] "C:Program FilesSwiss Army WareSpamAwayMailGuardMailGuard.exe" /minimize
O4 - HKCU..Run: [KITCO] C:Program FilesKitcoKcastKcast
O4 - HKCU..RunOnce: [DelayShred] "C:Program FilesMcAfeeMcAfee Shared ComponentsShredderSHRED32.EXE" /q C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3SEARCH~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5ATL2BALO3120-2~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5�DUNOFS3DDL_1~1.SH! C:DOCUME~1KathieLOCALS~1TEMPOR~1Content.IE5I9QV8LM1�_1793~1.SH!
O4 - Startup: AntiSpam.lnk = C:Program FilesSwiss Army WareSpamAwayAntiSpamAntiSpam.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &Check Spelling - res://C:Program FilesieSpellieSpell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: &ieSpell Options - res://C:Program FilesieSpellieSpell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:Program FilesieSpellieSpell.dll
O9 - Extra button: (no name) - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:WINDOWSDownloaded Program FilesCONFLICT.1SbCIe02a.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIM95aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:PROGRA~1YAHOO!MESSEN~1YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O12 - Plugin for .UVR: C:Program FilesInternet ExplorerPluginsNPUPano.dll
O16 - DPF: Yahoo! MLB StatTracker - http://aud3.sports.dcn.yahoo.com/java/y/mlbst8408_x.cab
O16 - DPF: Yahoo! NFL GameChannel StatTracker - http://aud14.sports.sc5.yahoo.com/j...lgcst1010_x.cab
O16 - DPF: Yahoo! NHL StatTracker - http://aud7.sports.yahoo.com/java/y/nhlst8244_x.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon...oad/tgctlar.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1493507C-8A33-4747-8696-9019F8962B5F} (QCV6C020.Install) - http://www.quickcleaner.com/qkc11/cab/QCV6C020.CAB
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yah...nst20040510.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/s...84/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12fde57...ip/RdxIE601.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k00719/sb02a.cab
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars...erxsigned35.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yah.../yse/ymmapi.dll
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/s...,21/mcgdmgr.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/be...aploader_v6.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/i...430/mcfscan.cab
O23 - Service: Diskeeper - Executive Software International, Inc. - C:Program FilesExecutive SoftwareDiskeeperDkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:WINDOWSsystem32gearsec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
My computer may have been affected by a trojan by some site, but firefox may have forbidded that site, i did my scans and things look fine but i just wanna make sure and be on the safe side. Here is my Hijack This log
Logfile of HijackThis v1.99.1
Scan saved at 12:16:06 PM, on 4/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesNorton AntiVirus
avapsvc.exe
C:Program FilesNorton AntiVirusIWPNPFMntor.exe
C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
C:WINDOWSsystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesiPodiniPodService.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesHijackThisHijackThis.exe
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.gatewaybiz.com
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.gateway.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O2 - BHO: CBHOBJObj Object - {8A406068-D45C-40B9-A096-38AC717FB608} - C:WINDOWSBHOBJ.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnycomp5_5_7_1.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1129239772eeAOLSoftware.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKCU..Run: [AIM] C:Program FilesAIMaim.exe -cnetwait.odl
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [PlaxoUpdate] C:Program FilesPlaxo2.5.10.17PlaxoHelper.exe -a
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb-8876480.exe
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitechVideoManifestEngine.exe" boot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 3.0
esourcesen-USlocalsearch.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:Program FilesAIMaim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:PROGRA~1COMMON~1AOLACSAOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Program FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
We are having some minor problems with a system at work. I was wondering if someone knowledgable about these logs would take a look at it, and see if anything stands out, or needs fixed.
View 8 Replies View RelatedI've been having problems with my CPU Usage being around or at 100% for the past few days. Tried spybot and that didn't help. Here is my HijackThis log.
View 4 Replies View RelatedExcuse my ignorance but could someone explain what this program is and what does it do?
View 8 Replies View RelatedDone multiple virus scans with Norton, scanned with ad-aware SE, spybot s&d, re-upgraded the xp pro install. For some reason, Yahoo Instant Messenger, MSN Messenger, Internet Explorer, and Hijackthis, all crash immediately when opened, and give me that stupid blahblahblah has caused a problem and needs to close. Also, trillian has the same problem, as does OE when trying to check my MSN and hotmail accounts, but works fine for my pop3 accounts. AIM works fine, as does firefox. I haven't recently installed or changed anything. I have done 2 system restores, and all attempts to un-install, re-install these programs has failed with the install wizard closing due to some insane problem.
View 8 Replies View RelatedLogfile of HijackThis v1.99.1 Scan saved at 9:12:14 PM, on 7/9/2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000)
View 3 Replies View RelatedFor the past day I've been getting popups from winfixer. I did a system restore to a few days back and the problem was still there. Nortan internet security / anti-virus isn't picking up anything. Ad aware doesn't see anything.
View 1 Replies View RelatedCan someone please review this log and inform me what I need to do to clean things up. I use Spybot Search & Destroy but still have spyware issues on my pc. Also keep getting a RUNDLL error and winups.dll errors everytime I log onto the PC.
View 2 Replies View RelatedO16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...43a6e253a2dae7
i am not be able to reviewing & cleaning HJT Logfile of HijackThis v1.99.1 how to do that?
View 7 Replies View RelatedTried ad-aware, spybot, spyware doctor etc. to no avail. Need analysis of hijackthis log.
View 2 Replies View RelatedHello there after lots of previous problem with my pc. I have formated my PC and though running ok whenever i access Security Centre or the Control Panel neither will respond. Please help. H Here is the Hijack this log file....
Logfile of HijackThis v1.99.1
Scan saved at 14:56:23, on 01/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSzHotkey.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesDigital Media Readershwiconem.exe
C:WINDOWSALCWZRD.EXE
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
C:WINDOWSsystem32
undll32.exe
C:WINDOWSexplorer.exe
C:Program FilesInternet Exploreriexplore.exe
C:DOCUME~1PAULSM~1LOCALS~1TempTemporary Directory 1 for hijackthis[1].zipHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://news.bbc.co.uk/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.msn.co.uk
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM..Run: [CHotkey] zHotkey.exe
O4 - HKLM..Run: [ShowWnd] ShowWnd.exe
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [SunKistEM] C:Program FilesDigital Media Readershwiconem.exe
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2in
pjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2in
pjpi142.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.co.uk
O16 - DPF: {131EB16C-BD58-443F-8151-6DFBB0DA1778} (Anark Client 3.0 ActiveX Control) - http://install.anark.com/client/vers...n/AMClient.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:Program FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:WINDOWSSYSTEM32slserv.exe
Ran into some virus fun,I think it is gone. I ran vundofix.exe; symantec's vundo fix; virtumonde fix from symantec; trojanhunter; hijackthis; winpatrol; spysweeper; (some in safe mode). And removed a BHO for winlogon.exe with the mljgd.dll. That doesn't exist anymore,
HijackThis Log.
j.
Logfile of HijackThis v1.99.1
Scan saved at 10:36:39 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesJavaj2re1.4.2_03injusched.exe
C:windowssystemhpsysdrv.exe
C:HPKBDKBD.EXE
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSAGRSMMSG.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb04.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:WINDOWSsystem32hphmon03.exe
C:WINDOWSALCXMNTR.EXE
C:Program FilesMicrosoft AntiSpywaregcasServ.exe
C:Program FilesMcAfee.comVSOmcvsshld.exe
C:Program FilesMcAfee.comVSOoasclnt.exe
c:progra~1mcafee.comvsomcvsescn.exe
C:PROGRA~1mcafee.comagentmcagent.exe
C:PROGRA~1mcafee.commpsmscifapp.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32driversCDAC11BA.EXE
c:program filesmcafee.comagentmcdetect.exe
c:PROGRA~1mcafee.comvsomcshield.exe
c:progra~1mcafee.comvsomcvsftsn.exe
C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
c:PROGRA~1mcafee.comagentmctskshd.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesWebrootSpy SweeperWRSSSDK.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesAdobeAcrobat 7.0ReaderAcroRd32.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Documents and SettingsHP_OwnerDesktopprocexp.exe
C:Program FilesJavaj2re1.4.2_03injucheck.exe
C:PROGRA~1McAfee.comPERSON~1MpfAgent.exe
C:Program FilesMcAfee.comPersonal FirewallMpfTray.exe
C:PROGRA~1McAfee.comPERSON~1MpfService.exe
C:WINDOWSsystem32msiexec.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsHP_OwnerDesktophijackthisHijackThis.exe
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:program filesmcafee.commpsmcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:program filesmcafee.commpspopupkiller.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:progra~1mcafee.comvsomcvsshl.dll
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HPHUPD06] c:Program FilesHP{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}hphupd06.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [Reminder] "C:WindowsCreatorRemind_XP.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb04.exe
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHPHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HPHmon03] C:WINDOWSsystem32hphmon03.exe
O4 - HKLM..Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [VSOCheckTask] "C:PROGRA~1McAfee.comVSOmcmnhdlr.exe" /checktask
O4 - HKLM..Run: [VirusScan Online] C:Program FilesMcAfee.comVSOmcvsshld.exe
O4 - HKLM..Run: [OASClnt] C:Program FilesMcAfee.comVSOoasclnt.exe
O4 - HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] c:PROGRA~1mcafee.comagentmcupdate.exe
O4 - HKLM..Run: [MPFExe] C:PROGRA~1McAfee.comPERSON~1MpfTray.exe
O4 - HKLM..Run: [MPSExe] c:PROGRA~1mcafee.commpsmscifapp.exe /embedding
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [SpySweeper] "C:Program FilesWebrootSpy SweeperSpySweeper.exe" /startintray
O4 - HKLM..Run: [THGuard] C:Program FilesTrojanHunter 4.2THGuard.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imaginginhpqtra08.exe
O8 - Extra context menu item: Add To HP Organize... - C:PROGRA~1HEWLET~1HPORGA~1incore.hp.mainSendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MI1933~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06in
pjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06in
pjpi150_06.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:Program FilesHelloPicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:Program FilesHelloPicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1097093077531
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/inst...l/pinstall.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/sj/en/check/qdiagh.cab?322
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:WINDOWSSYSTEM32WRLogonNTF.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:WINDOWSsystem32driversCDAC11BA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:program filesmcafee.comagentmcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:PROGRA~1mcafee.comvsomcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:PROGRA~1mcafee.comagentmctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:PROGRA~1McAfee.comAgentmcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:PROGRA~1McAfee.comPERSON~1MpfService.exe
O23 - Service: Pml Driver - HP - C:WINDOWSsystem32HPHipm09.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:Program FilesWebrootSpy SweeperWRSSSDK.exe
My desktop wallpaper changed and won't change back and all my folders and things that were on my desktop are gone, but when I search for them it says that they are on my desktop and I can't right-click on anything. And if I make a new folder it doubles. And certain websites won't open for me (mail.com, lavasoft support boards, and urbanoutfitters.com). I've run Norton, Spybot, Ad-Aware,and Ad-Away.
Logfile of HijackThis v1.99.1
Scan saved at 4:55:58 PM, on 4/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe................
i have windows xp, and lately my comps been real slow startin up. its not so bad gettin to the desktop but from there it just pretty much freezes anywhere from 4 to 8 minutes i'd say, something like that. also sometimes windows just lags completly i don't know. well i looked at some similar topics an still have no clue what to do but i did install HJT and well heres my log:
Logfile of HijackThis v1.99.1
Scan saved at 2:12:29 AM, on 10/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe..........
The memory runs out on my computer when I open additional windows on my PC and I have 512 MB of RAM. I use internet explorer 6 and with windows xp home edition. Then I have to use Disc Cleanup to get more space by compressing old files and deleting temporary files. I cannot even run this utility when the windows are open and I cannot close windows sometimes so I have to shut down Internet Explorer and restart my computer.
View 14 Replies View RelatedI figured I could search this problem up and find it here... I did.. NUMEROUS times... but my problem is.my HiJackThis program doesnt stay open either! I managed to get a logfile made.not sure how complete it is... before HiJackThis was shut down... heres the file.
View 6 Replies View Related