Suspician Of Virus - Hijack This Log Included
Dec 26, 2005
Hi i am on a labtop and i have a suspision of a virus or trojans or both. Please here is my HJT log please read over and tell me whats wrong if there is anything:
Logfile of HijackThis v1.99.1
Scan saved at 3:37:04 PM, on 26/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
View 4 Replies
ADVERTISEMENT
Feb 12, 2008
Not sure what the problem is, PC just keeps freezing up on me.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:26, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
View 7 Replies
View Related
Jul 10, 2005
Having random system reboots and cannot find the cause as of yet. Asking for any help in this manner as my system means a lot to me. Do all my maintence and run all scanners to try my best to keep my system healthy, but recently because of these reboots, it has led me to believe that there is something deeper going on and am in need of an expert
View 7 Replies
View Related
Oct 21, 2005
my laptop has recently been running extremely slowly, and I can't figure out what's wrong with it.
This is my hijack this log.
Logfile of HijackThis v1.99.1
Scan saved at 7:19:30 PM, on 10/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
View 8 Replies
View Related
Jan 16, 2005
I have run Ad-Aware & Spybot on a regular basis (2-3 times/week), Norton Antivirus atleast once per week and defrags once a week. System boots slowly and when I start just about any application, it seems to take forever for it to come up.
HP Media Center PC psc x876. 2.4 Ghz Processor, 512 MB RAM.
View 11 Replies
View Related
Sep 21, 2005
Would someone mind taking a look at my hijack this log and let me know if there's a problem. My computer has been running awfully slow and hanging quite a bit lately.
Logfile of HijackThis v1.99.1
Scan saved at 1:07:36 PM, on 9/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
View 2 Replies
View Related
Mar 10, 2010
My computer takes over an hour to load when it is first turned on and after that programs run extremely slowly. It is a Hp Pavilion, with an Intel Celeron Processor. It has 256 MB DDR SDRAM Memory and a 60GB Ultra DMA hard drive.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:06:49 PM, on 3/10/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
View 14 Replies
View Related
Aug 27, 2006
Getting a Ntdll.dll error that is crashing my IE browser.
Logfile of HijackThis v1.99.1
Scan saved at 2:26:22 AM, on 8/27/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:Program FilesBroadJumpClient FoundationCFD.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32cisvc.exe
C:Program Filesewido anti-spyware 4.0guard.exe
C:Program Filesone LabsoneAlarmzlclient.exe
C:Program FilesJavajre1.5.0_06injusched.exe
C:PROGRA~1AWSWEATHE~1Weather.exe
C:Program FilesNorton AntiVirus 2004
avapsvc.exe
C:Program FilesYourWare SolutionsFreeRAM XP ProFreeRAM XP Pro.exe
C:Program FilesKodakKODAK Software Updater7288971ProgramKodak Software Updater.exe
C:Program FilesNorton AntiVirus 2004SAVScan.exe
C:Program FilesSpeed Disk
opdb.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSsystem32oneLabsvsmon.exe
C:Program FilesWebrootSpy SweeperSpySweeper.exe
C:WINDOWSSystem32wuauclt.exe
C:WINDOWSSystem32cidaemon.exe
C:Documents and SettingsERIC2DesktopIEXPLORE.EXE
C:PROGRA~1DAPDAP.EXE
C:WINDOWSSystem32wuauclt.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesHijackthisPuppy.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.msnbc.msn.com/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.msnbc.msn.com/
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {15178E23-74E4-49F9-932D-4D97C38A3B3B} - C:VundoFix Backupssstqr.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:Program FilesSpywareGuarddlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar5.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirus 2004NavShExt.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:Program FilesDAPDAPIEBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:Program FilesSiber SystemsAI RoboFormRoboForm.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirus 2004NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar5.dll
O4 - HKLM..Run: [BJCFD] "C:Program FilesBroadJumpClient FoundationCFD.exe"
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [NvCplDaemon] "RUNDLL32.EXE" C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] "nwiz.exe" /install
O4 - HKLM..Run: [NvMediaCenter] "RUNDLL32.EXE" C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Zone Labs Client] "C:Program Filesone LabsoneAlarmzlclient.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.5.0_06injusched.exe"
O4 - HKCU..Run: [Weather] C:PROGRA~1AWSWEATHE~1Weather.exe 1
O4 - HKCU..Run: [FreeRAM XP] "C:Program FilesYourWare SolutionsFreeRAM XP ProFreeRAM XP Pro.exe" -win
O4 - Global Startup: KODAK Software Updater.lnk = C:Program FilesKodakKODAK Software Updater7288971ProgramKodak Software Updater.exe
O8 - Extra context menu item: &Download with &DAP - C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: &Google Search - res://c:program filesgoogleGoogleToolbar5.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:program filesgoogleGoogleToolbar5.dll/cmwordtrans.html
O8 - Extra context menu item: Add to AD Black List - C:Program FilesAvant BrowserAddToADBlackList.htm
O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar5.dll/cmbacklinks.html
O8 - Extra context menu item: Block All Images from the Same Server - C:Program FilesAvant BrowserAddAllToADBlackList.htm
O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar5.dll/cmcache.html
O8 - Extra context menu item: Customize Menu&4 - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download &all with DAP - C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:Program FilesFree Download Managerdlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:Program FilesFree Download Managerdlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:Program FilesFree Download Managerdlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:Program FilesFree Download Managerdllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms&] - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O8 - Extra context menu item: Highlight - C:Program FilesAvant BrowserHighlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:Program FilesAvant BrowserOpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:Program FilesAvant BrowserOpenInNewBrowser.htm
O8 - Extra context menu item: RoboForm&2 - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms&[ - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O8 - Extra context menu item: Search - C:Program FilesAvant BrowserSearch.htm
O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar5.dll/cmsimilar.html
O8 - Extra context menu item: Sothink SWF Catcher - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm
O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar5.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms&] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms&[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm&2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengerMSMSGS.EXE
O15 - Trusted Zone: www.pcpitstop.com
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://help.rr.com/Foundrysdccommon/...ad/tgctlar.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommo...ad/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/tech...rl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...rl/tgctlsr.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-36.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1098571318045
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134435680593
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europ...vex/hcImpl.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://rtc1.webresponse.one.microso.../TLIEFlash.CAB
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - https://www.plaxo.com/activex/plx_upldr-2k-xp.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll
O20 - Winlogon Notify: WRNotifier - C:WINDOWSSYSTEM32WRLogonNTF.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:Program Filesewido anti-spyware 4.0guard.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:WINDOWSsystem32driversKodakCCS.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirus 2004
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32
vsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:Program FilesSiSoftwareSiSoftware Sandra Lite 2007Win32RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:Program FilesSiSoftwareSiSoftware Sandra Lite 2007RpcSandraSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirus 2004SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:Program FilesSpeed Disk
opdb.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32oneLabsvsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:Program FilesWebrootSpy SweeperSpySweeper.exe
View 2 Replies
View Related
Mar 13, 2007
I have run ad-aware as well as Registry Booster Registered edition
View 4 Replies
View Related
Aug 13, 2005
I'm looking to purchase a notebook and learned a XP Home CD or a Bootable CD isn't included. XP Home is already installed. Isn't a XP CD needed to load uninstalled XP features plus to insert at various times when prompted? Also, can a bootable CD be purchased? If both are purchased at retail, would they be compatible with the installed version of XP Home and with the keycode differences? To be prepared for maintenance, what is needed to support XP Home?
View 16 Replies
View Related
Jun 23, 2006
I run dual monitor at work, which is actually consisting a laptop (secondary) and a 19" LCD monitor as primary. Is there a way to have different wallpaper on each? There's gotta be a way, but I don't think you can using built-in Windows stuff. maybe there's a prog out there that would let you? Right now if you apply a wallpaper, applies to both screens.
View 7 Replies
View Related
Jul 25, 2008
Trying to fix my friends computer thought I would be done in an hour or so but I ran into a retarded problem when trying to boot from the windows cd. Here is some information I know off the top of my head. If you have any input please let me know, I'm trying to get this done before tonight since its Friday
View 9 Replies
View Related
Feb 26, 2008
Curious if anyone here can see any problems in here I can't.
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20733)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32oneLabsvsmon.exe..................
View 5 Replies
View Related
Oct 20, 2005
This is from my own computer ,it seems to have got slower and slower in starting up.
View 11 Replies
View Related
Oct 8, 2009
i was reading an old thread about the log on log off loop because my computer was expirencing the same difficulties, i managed to fix the promblem and log back on, but the end of the old thread i was reading(expired now) said to run hijack this and to send in the log file, so im sending mine now to avoid this promblem in the future,can someone tell me if there is still something wrong with my computer and i have a dell inspiron 1100 sp3.
this is my log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:02:11 AM, on 10/8/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32hkcmd.exe
C:WINDOWSSystem32igfxtray.exe
C:Program FilesNETGEARWPN511UtilityWPN511.exe
C:WINDOWSBCMSMMSG.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsOwnerApplication DataU335155111AD82C629LaunchPad.exe
F:Blow your mindHijackThis.exe
C:Documents and SettingsOwnerApplication DataU335155111AD82C629285E6953-BF3C-4445-9376-3FE5D7F645B2ExecinSignupShield.exe
C:WINDOWSSystem32wuauclt.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [AS00_WPN511] C:Program FilesNETGEARWPN511UtilityWPN511.exe -hide
O4 - HKLM..Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSSystem32ctfmon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb
elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb
elated.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX� - C:Program FilesMAGIXCommonDatabaseinfbserver.exe
--
End of file - 2272 bytes
View 14 Replies
View Related
Jan 14, 2005
Logfile of HijackThis v1.99.0 Scan saved at 2:30:42 PM, on 01/14/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe............
View 1 Replies
View Related
Feb 18, 2008
Programs closing out on their own or just hanging up.
Below are two logs you might need to help me. I've tried a system restore but it does not have any dates prior to Feb 4th which is also odd because it's always been on. I've run Spybot and Ad-Aware and AVG with no luck.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:27:32 PM, on 2/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:Program FilesLavasoftAd-Aware 2007aawservice.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32PackethSvc.exe
C:Program FilesCommon FilesAOLACSAOLAcsd.exe
C:PROGRA~1GrisoftAVG7avgamsvr.exe
C:PROGRA~1GrisoftAVG7avgupsvc.exe
C:PROGRA~1GrisoftAVG7avgemc.exe
C:WINDOWSSystem32svchost.exe
c:PROGRA~1mcafee.comvsomcvsrte.exe
C:WINDOWSSystem32
vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesViewpointCommonViewpointService.exe
C:Program Filesmcafee.comVSOmcshield.exe
C:windowssystemhpsysdrv.exe
C:HPKBDKBD.EXE
C:Program FilesWildTangentDDCDDCManagerDDCMan.exe
C:Program FilesRealRealPlayerRealPlay.exe
C:Program FilesCommon FilesAOL1192911245eeAOLSoftware.exe
C:Program FilesSeagateSystemTrayStxMenuMgr.exe
C:Program FilesBellSouthAMBellSouthAlertManager.exe
C:Program FilesBellsouthHelpCenter40binsprtcmd.exe
C:PROGRA~1GrisoftAVG7avgcc.exe
C:Program FilesJavajre1.6.0_03injusched.exe
C:Program FilesCommon FilesAOLLoaderaolload.exe
C:Program FilesMacrogamingSweetIMSweetIM.exe
C:PROGRA~1EROKN~1FreedomFreedom.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesCreativeSync Manager UnicodeCTSyncU.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesAOL 9.1waol.exe
C:Program FilesCommon FilesAOLLoaderaolload.exe
C:WINDOWSexplorer.exe
C:Program FilesAOL 9.1shellmon.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wuauclt.exe
C:Documents and SettingsHijack thisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://us4.hpwis.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us4.hpwis.com/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://hometab.bellsouth.net/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us4.hpwis.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://srch-us4.hpwis.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://srch-us4.hpwis.com/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://home.sweetim.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://srch-us4.hpwis.com/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: AT&T Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:PROGRA~1BLSTOO~1BLSTOO~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: Freedom BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:Program Filesero KnowledgeFreedomFreeBHOR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03inssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - c:Program FilesMicrosoft MoneySystemmnyviewer.dll
O3 - Toolbar: &Zero-Knowledge Freedom - {FA91B828-F937-4568-82C1-843627E63ED7} - C:Program Filesero KnowledgeFreedomBandObjs.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O3 - Toolbar: AT&T Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:PROGRA~1BLSTOO~1BLSTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [DDCM] "C:Program FilesWildTangentDDCDDCManagerDDCMan.exe" -Background
O4 - HKLM..Run: [DDCActiveMenu] "C:Program FilesWildTangentDDCActiveMenuDDCActiveMenu.exe" -boot
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe
O4 - HKLM..Run: [S3TRAY2] S3tray2.exe
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [VirusScan Online] C:Program Filesmcafee.comVSOmcvsshld.exe
O4 - HKLM..Run: [MCAgentExe] C:Program Filesmcafee.comAgentmcagent.exe
O4 - HKLM..Run: [MCUpdateExe] C:Program Filesmcafee.comAgentmcupdate.exe /embedding
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOL1192911245eeAOLSoftware.exe
O4 - HKLM..Run: [StxTrayMenu] "C:Program FilesSeagateSystemTrayStxMenuMgr.exe"
O4 - HKLM..Run: [BellSouthAlertManager.exe] "C:Program FilesBellSouthAMBellSouthAlertManager.exe" /AUTORUN
O4 - HKLM..Run: [HelpCenter4.1] C:Program FilesBellsouthHelpCenter40binsprtcmd.exe /P HelpCenter4.1
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVG7avgcc.exe /STARTUP
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_03injusched.exe"
O4 - HKLM..Run: [FastAccess Help] C:Program FilesBellSouth Application Managementcontent..Start.exe
O4 - HKLM..Run: [SweetIM] C:Program FilesMacrogamingSweetIMSweetIM.exe
O4 - HKLM..Run: [googletalk] C:Program FilesGoogleGoogle Talkgoogletalk.exe /autostart
O4 - HKLM..RunOnce: [*Restore] C:WINDOWSsystem32
estore
strui.exe -i
O4 - HKCU..Run: [Zero Knowledge Freedom] C:PROGRA~1EROKN~1FreedomFreedom.exe
O4 - HKCU..Run: [Microsoft Works Update Detection] c:Program FilesMicrosoft WorksWkDetect.exe
O4 - HKCU..Run: [SweetIM] C:Program FilesMacrogamingSweetIMSweetIM.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [CTSyncU.exe] "C:Program FilesCreativeSync Manager UnicodeCTSyncU.exe"
O4 - HKCU..Run: [AOL Fast Start] "C:Program FilesAOL 9.1AOL.EXE" -b
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 5.0
esourcesen-USlocalsearch.html
O8 - Extra context menu item: &Windows Live Search - res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03inssv.dll
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:Program FilesMarketBrowserlmtMarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:Program FilesMarketBrowserlmtMarketBrowser_Launch.xpy
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:Documents and SettingsOwnerStart MenuProgramsIMVURun IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:Program FilesMicrosoft MoneySystemmnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:Program FilesYahoo!CommonYinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1193621932743
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1193622525202
O17 - HKLMSystemCCSServicesTcpip..{9FE0C803-14C4-45C9-A72D-398BC835A8D4}: NameServer = ,
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:Program FilesLavasoftAd-Aware 2007aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:Program FilesCommon FilesAOLACSAOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgemc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C:Program Filesmcafee.comVSOmcshield.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Mcafee.com Corporation - c:PROGRA~1mcafee.comvsomcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32
vsvc32.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:WINDOWSSystem32PackethSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program FilesViewpointCommonViewpointService.exe
--
End of file - 12660 bytes
View 11 Replies
View Related
Apr 30, 2006
dont know how to reviewing and cleaning Hijack this log file?
View 11 Replies
View Related
Jan 13, 2005
could someone check this HJT log please?
Logfile of HijackThis v1.99.0
Scan saved at 19:48:20, on 13/01/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
View 6 Replies
View Related
Feb 19, 2005
the hijackthis log and tell me why my computer is running slow?
Logfile of HijackThis v1.99.1
Scan saved at 10:31:23 PM, on 2/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
View 4 Replies
View Related
May 10, 2005
I used spybot and removed 111 objects, adware 48 and Microsoft Antispyware tool 20 objects. However my computer is still running slow. My hijackthis log is attached please help.
Logfile of HijackThis v1.98.2
Scan saved at 4:23:49 PM, on 5/10/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
View 3 Replies
View Related
Dec 23, 2005
If someone could advise me on what to remove from hijack log. I ran AdAware before I made the log. I'll check back in an hour or so.
View 12 Replies
View Related
Mar 20, 2007
I've got win xp, recently it is running very slowly especially when I try to get on the internet. I am attaching hicjackthis log, are there any obvious problems, I have a hunch that there are some programs which I don't use which slow down the system. Any suggestions? Thanks Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 22:02:05, on 20/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWS system32lsass.exe C:WINDOWSsystem32svchost.exe C:Program FilesWindows DefenderMsMpEng.exe C:WINDOWSSystem32svchost.exe C:WINDOWS system32spoolsv.exe D:avasy anti virusaswUpdSv.exe D:avasy anti virusashServ.exe C:WINDOWSsystem32 vsvc32.exe C:WINDOWS system32svchost.exe C:WINDOWSExplorer.EXE C:Program FilesCanonCALCALMAIN.exe D:avasy anti virusashMaiSv.exe D:AVASYA~1ashDisp.exe
D:scannerHP Share-to-Webhpgs2wnd.exe C:Program FilesPicasa2PicasaMediaDetector.exe C:WINDOWSsystem32LVCOMSX.EXE C:Program Files LogitechVideoLogiTray.exe C:Program FilesThomsonSpeedTouch USBDragdiag.exe C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
D:avasy anti virusashWebSv.exe C:WINDOWSsystem32RUNDLL32.EXE C:Program FilesWindows DefenderMSASCui.exe C:WINDOWSsystem32 undll32.exe
D:Javainjusched.exe C:Program FilesQuickTimeqttask.exe D:iTunesiTunesHelper.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesGoogle Google ToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe C:Program FilesWireless DeviceWireless KeyboardMagickey.exe C:Program FilesWireless DeviceWireless MouseMouseAp.exe D:scannerHP Share-to-Webhpgs2wnf.exe C:Program FilesWireless DeviceWireless Keyboardosd.exe
C:Program FilesLogitechVideoFxSvr2.exe C:Program FilesiPodiniPodService.exe C:Program FilesInternet Exploreriexplore.exe D:Program Files weak uiHiJackThis_v2.exe R0 - HKCUSoftwareMicrosoftInternet Explorer Main,Start Page = http://news.bbc.co.uk/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:Javainssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program files googlegoogletoolbar4.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar4.dll
O4 - HKLM..Run: [avast!] D:AVASYA~1ashDisp.exe O4 - HKLM..Run: [Share-to-Web Namespace Daemon] D:scannerHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [Windows Defender] "C:Program FilesWindows DefenderMSASCui.exe" -hideO4 - HKLM..Run: [SunJavaUpdateSched] "D:Javainjusched.exe" O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [iTunesHelper] "D:iTunesiTunesHelper.exe" O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program Files Logitech VideoManifestEngine.exe" boot O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUSS-1-5-21-1214440339-2025429265-725345543-1004..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background (User 'Mary') O4 - HKUSS-1-5-21-1214440339-2025429265-725345543-1004..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe (User 'Mary') O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM') O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader eader_sl.exe O4 - Global Startup: Enable Wireless Keyboard Driver.lnk = C:Program FilesWireless DeviceWireless KeyboardMagickey.exe O4 - Global Startup: Enable Wireless Optical Mouse Driver.lnk = C:Program FilesWireless DeviceWireless MouseMouseAp.exe O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE O8 - Extra context menu item: &Google Search - res://c:program filesgoogle GoogleToolbar2.dll /cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:MICROS~1OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Javainssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Javainssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:MICROS~1OFFICE11REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O15 - Trusted Zone: http://www.boots.co.uk O15 - Trusted Zone: http://www.skl-network.com O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.co/kos/english...an_unicode.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/1f16/uploader2.cab O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} (AccountTracking Profile Manager Class) - https://moneymanager.egg.com/Pinsafe...nttracking.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5...ws-i586-jc.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.commandon demand.com/eval/cod/cabs/cssweb.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLMSystemCCSServicesTcpip..{DF43DB2B-C236-4154-B334-12818626C126}: NameServer = 212.139.132.5 212.139.132.4
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSsystem32rowseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSsystem32rowseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:avasy anti virusaswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - D:avasy anti virusashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - D:avasy anti virusashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - D:avasy anti virusashWebSv.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:Program FilesCanonCALCALMAIN.exe O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:Program FilesCommon FilesInstallShield Driver11Intel32IDriverT.exe (file missing) O23 - Service: iPod Service - Apple Computer, Inc. - C:Program FilesiPodiniPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32 vsvc32.exe
View 1 Replies
View Related
Oct 13, 2005
what I'm thinking is that I'm just going to have to pay & get this pc cleaned because after I go thru all the steps to correct it.later it starts freezing and stuff sooo bad that I always have to reset it like you do when you first by the pc because it won't let me estore pc using restore systems. So, here is my hijack this log. Logfile of HijackThis v1.99.1 Scan saved at 11:49:15 AM, on 10/13/2005
Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes:C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:windowssystemhpsysdrv.exe C:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe C:Program FilesVERITAS SoftwareUpdate Managersgtray.exe C:WINDOWSsystem32dla fswctrl.exe
C:WINDOWSSystem32igfxtray.exe C:WINDOWSSystem32hkcmd.exe C:WINDOWSsystem32ps2.exe C:WINDOWSetbpokapoka75.exe C:WINDOWSSystem32w?auclt.exe
C:Program Filesapsiwtta.exe C:Program Fileshp center137903ProgramBackWeb-137903.exe c:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesInternet Exploreriexplore.exe C:Program Filesewidosecurity suiteSecuritySuite.exe C:Program FilesInternet Exploreriexplore.exe C:Program FilesHijackThisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =http://www.24-7searching-and-more.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us6.hpwis.com/ R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.24-7searching-and-more.com/sp2.php R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.24-7searching-and-more.com/sp2.php R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://srch-us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://srch-us6.hpwis.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://srch-us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://srch-us6.hpwis.com/ R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://srch-us6.hpwis.com/ R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe O4 - HKLM..Run: [CamMonitor] c:Program FilesHewlett-PackardDigital ImagingUnloadhpqcmon.exe O4 - HKLM..Run: [StorageGuard] "C:Program FilesVERITAS SoftwareUpdate Managersgtray.exe" /r O4 - HKLM..Run: [dla] C:WINDOWSsystem32dla fswctrl.exe
O4 - HKLM..Run: [DDCActiveMenu] "C:Program FilesWildTangentDDCActiveMenuDDCActiveMenu.exe" -boot O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE O4 - HKLM..Run: [IgfxTray] C:WINDOWSSystem32igfxtray.exe O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSSystem32hkcmd.exe O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe O4 - HKLM..Run: [IST Service] C:Program FilesISTsvcistsvc.exe
O4 - HKLM..Run: [System service75] C:WINDOWSetbpokapoka75.exe O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Mrqx] C:WINDOWSSystem32w?auclt.exe O4 - HKCU..Run: [Notn] "C:Program Filesapsiwtta.exe" -vt mt O4 - Global Startup: hp center.lnk = C:Program Fileshp center137903ProgramBackWeb-137903.exe O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/game...s/y/pyt1_x.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com download.yaho...st20040510.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:Program FilesNorton AntiVirus avapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32 vsvc32.exe O23 - Service: Windows 32 Bit (Windows 32 Bit Drivers) - Unknown owner - C:WINDOWSWinVid32.exe
View 14 Replies
View Related
Apr 11, 2007
Computer seems to be slowed down, PLUS it seems to slow down its internet connection that is max 10 mips down, to a crawl, then it speeds back up. Cable claims all is okay on their end, and is something on my system. If someone can tell me if there is anything running in this HJ log that shouldn't be, or that I don't need to have running, Logfile of HijackThis v1.99.1 Scan saved at 1:21:21 PM, on 4/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:
C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:Windows DefenderMsMpEng.exe C:WINDOWSsystem32svchost.exe C:Program FilesCommon FilesSymantec SharedccProxy.exe C:Program FilesCommon FilesSymantec SharedccSetMgr.exe C:Norton Personal FirewallISSVC.exe C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe C:WINDOWSExplorer.EXE C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe C:WINDOWSsystem32rsvc01a.exe
C:WINDOWSsystem32rss01a.exe C:WINDOWSsystem32spoolsv.exe C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe C:WINDOWSsystem32CTsvcCDA.EXE C:Norton SystemWorksNorton AntiVirusIWPNPFMntor.exe C:NORTON~1NORTON~1NPROTECT.EXE C:WINDOWSsystem32PSIService.exe C:NORTON~1NORTON~1SPEEDD~1NOPDB.EXE C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32WFXSVC.EXE C:WINDOWSsystem32MsPMSPSv.exe C:WINDOWSsystem32hkcmd.exe C:Windows DefenderMSASCui.exe C:Program FilesCommon FilesSymantec SharedccApp.exe C:WINDOWSsystem32wfxsnt40.exe C:Program FilesMicrosoft IntelliType Proitype.exe C:WINDOWSsystem32ctfmon.exe C:LogitechMouseWaresystemem_exec.exe C:WinZipwinzip32.exe C:DoughijackthisHijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cnn.com/ R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = ftp=localhost:8118;gopher=localhost:8118;http=localhost:8118;https=localhos t:8118;socks=localhost:8118 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Norton SystemWorksNorton AntiVirusNavShExt.dll O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Norton SystemWorksNorton AntiVirusNavShExt.dll O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE O4 - HKLM..Run: [Windows Defender] "C:Windows DefenderMSASCui.exe" -hide O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe" O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer O4 - HKLM..Run: [WinFaxAppPortStarter] wfxsnt40.exe O4 - HKLM..Run: [itype] "c:Program FilesMicrosoft IntelliType Proitype.exe" O4 - HKLM..RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:WINDOWSsystem32sti_ci.dll,WiaCreateWizardMenu O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Norton SystemWorks] "C:Norton SystemWorkscfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:MICROS~1OFFICE11EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Javain pjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Javain pjpi150_04.dll O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install...ds/tgctlcm.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175...at-no-eula.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1155682376421 O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:WINDOWSsystem32rsvc01a.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:Norton Personal FirewallISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:Norton SystemWorksNorton AntiVirus avapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:Norton SystemWorksNorton AntiVirusIWPNPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:NORTON~1NORTON~1NPROTECT.EXE O23 - Service: ProtexisLicensing - Unknown owner - C:WINDOWSsystem32PSIService.exe O23 - Service: SAVScan - Symantec Corporation - C:Norton SystemWorksNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:NORTON~1NORTON~1SPEEDD~1NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - C:WINDOWSsystem32WFXSVC.EXE
View 2 Replies
View Related
Nov 14, 2008
Lately my PC freezes up for virtually no reason. The computer is older but runs just fine besides the freezing up. Not sure if its just time to get a new computer or if its just a glitch. I've attached a hijackthis log, hopefully if there is a glitch we can find it. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:55:49 PM, on 11/14/2008 Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:Program FilesWindows DefenderMsMpEng.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSExplorer.EXE C:WINDOWSsystem32spoolsv.exe C:PROGRA~1COMMON~1aolACSAOLacsd.exe C:Program FilesCommon FilesAppleMobile Device SupportinAppleMobileDeviceService.exe C:PROGRA~1AVGAVG8avgwdsvc.exe C:Program FilesBonjourmDNSResponder.exe C:Program FilesWIDCOMMBluetooth Softwareintwdins.exe C:WINDOWSsystem32cisvc.exe C:WINDOWSSystem32svchost.exe C:WINDOWSSystem32svchost.exe C:Program FilesViewpointCommonViewpointService.exe C:WINDOWSwanmpsvc.exe C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:WINDOWSsystem32ctfmon.exe C:Program FilesAWSWeatherBugWeather.exe C:Program FilesThe Weather Channel FWDesktopDesktopWeather.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe C:Program FilesNokiaNokia PC Suite 7PCSync2.exe C:Program FilesNokiaNokia PC Suite 7PCSuite.exe C:PROGRA~1AVGAVG8avgrsx.exe C:Program FilesBilleoilleo.exe C:Program FilesDigital Line DetectDLG.exe C:Program FilesYahoo!Messengerymsgr_tray.exe C:Program FilesViewpointViewpoint ManagerViewMgr.exe C:Program FilesCommon FilesNokiaMPAPIMPAPI3s.exe
C:Program FilesPC Connectivity SolutionServiceLayer.exe C:WINDOWSsystem32dlbxcoms.exe C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32cidaemon.exe C:Program FilesInternet ExplorerIEXPLORE.EXE C:Program FilesNokiaNokia PC Suite 7ImageStore.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll O2 - BHO: LoginMonitorBHO Class - {23128821-FF38-4B38-82EA-FFC6DF4A7DD1} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll O2 - BHO: Billeo - {465E08E7-F005-4389-980F-1D8764B3486C} - c:program filesilleoilleo.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_05inssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:Program FilesTGTSoftStyleXPTGT_BHO.dll O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: Billeo - {6ADB0F93-1AA5-4BCF-9DF4-CEA689A3C111} - c:program filesilleoilleo.dll
O3 - Toolbar: The Weather Channel Toolbar - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:WINDOWSSYSTEM32TwcToolbarIe7.dll O4 - HKLM..Run: [Adobe Photo Downloader] "C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - HKCU..Run: [Yahoo! Pager] "C:Program FilesYahoo!MessengerYahooMessenger.exe" -quiet O4 - HKCU..Run: [Weather] C:Program FilesAWSWeatherBugWeather.exe 1 O4 - HKCU..Run: [DW6] "C:Program FilesThe Weather Channel WDesktopDesktopWeather.exe"
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe O4 - HKCU..Run: [Nokia.PCSync] "C:Program FilesNokiaNokia PC Suite 7PCSync2.exe" /NoDialog O4 - HKCU..Run: [PC Suite Tray] "C:Program FilesNokiaNokia PC Suite 7PCSuite.exe" -onlytray O4 - Global Startup: billeo.lnk = C:Program FilesBilleoilleo.exe O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE O8 - Extra context menu item: &AOL Toolbar search - res://C:Program FilesAOL Toolbar oolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Yahoo! Search - file:///C:Program FilesYahoo!Common/ycsrch.htm O8 - Extra context menu item: Send To &Bluetooth - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie_ctx.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:Program FilesYahoo!Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:Program FilesYahoo!Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:Program FilesYahoo!Common/ycsms.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05inssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05inssv.dll O9 - Extra button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file)O9 - Extra 'Tools' menuitem: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - (no file) O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:Program FilesYahoo!Commonyiesrvc.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:Program FilesBonjourExplorerPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwaretsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe O9 - Extra button: Billeo - {97ED3A9F-CD6F-473A-8FE1-7505C1B844C3} - c:program filesilleoilleo.dll (HKCU)
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://usercenter.cox.net/rsuite/sdc...cx_tgctlcm.jsp O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:Program FilesYahoo!Commonyinsthelper.dll O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebI...6-6D5536C585C9} O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca...C_2.1.1.74.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net qtinstall.in...lInstaller.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1145286197448 O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/instal...sinstaller.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://68.228.1.61:7000/activex/AxisCamControl.cab O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://131.107.96.16/media/xp/TLIEFlash.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/game...ploader_v6.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O16 - DPF: {EC8C56B1-D027-4AB2-AF63-F845CCEE59B5} (DocumentAccessor Class) - https://billmanager.aol.com/billmana...oginHelper.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL,avgrsstx.dll O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:PROGRA~1COMMON~1aolACSAOLacsd.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:Program FilesCommon FilesAppleMobile Device SupportinAppleMobileDeviceService.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:Program FilesBonjourmDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesWIDCOMMBluetooth Softwareintwdins.exe O23 - Service: dlbx_device - Dell - C:WINDOWSsystem32dlbxcoms.exe O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:Program FilesViewpointCommonViewpointService.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:WINDOWSwanmpsvc.exe
View 3 Replies
View Related
Mar 20, 2005
My computer has been very bogged down. Can you please advise on attached hijack this list?
View 2 Replies
View Related
Apr 7, 2005
I have ran Spybot and Adaware both are updated, this is now the hijack this log. I am having a lot of problems
View 3 Replies
View Related
Jan 19, 2005
mslogin.exe wants access to internet I have McAfee Firewall 2004 and Viruscan. I believe I am coming close to having the viruses and worms cleaned out.An executable file c:windowssystem32oobewinkeymslogin.exe keeps trying to access the internet. I have blocked it and have granted it access and it keeps popping up.The folder 'winkey' does not exist on the computer as I have tried looking for it.
View 1 Replies
View Related
Dec 30, 2004
i don`t think why the computer`s running slow again.. please check the HijackThis file...
Logfile of HijackThis v1.99.0
Scan saved at 2:32:39 PM, on 12/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
View 1 Replies
View Related
May 17, 2005
my computer is running a little too slow for my likeing, I have installed and run hijack-this and here is my log.
View 2 Replies
View Related