Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Hijackthis log

Reply
Thread Tools

Hijackthis log

 
 
KS
Guest
Posts: n/a
 
      08-15-2006
Would you please look at this hijackthis.log for me? Laptop is running
very slow. Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 8:05:15 PM, on 14/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd .exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\ansys lmd.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\inet20091\services.exe
C:\WINDOWS\System32\shnlog.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\dlbtcoms.exe
C:\WINDOWS\inet20091\select.exe
C:\Program Files\HijackThis\HijackThis.exe

R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\inet20091\services.exe
O2 - BHO: HP Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} -
C:\WINDOWS\System32\hp65E5.tmp (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program
Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell
Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [DLBTCATS] rundll32
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\System32\msmsgs.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20091\services.exe
O4 - HKLM\..\Run: [Microsoft standard protector]
C:\WINDOWS\inet20091\socks.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program
Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20091\services.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet
Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v10...o.cab34246.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\system32\hk.dll
O20 - Winlogon Notify: gg - C:\WINDOWS\adsldpbd.dll (file missing)
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll
O20 - Winlogon Notify: style2 - C:\WINDOWS\q174540.dll (file missing)
O20 - Winlogon Notify: style32 - C:\WINDOWS\q183059745.dll (file
missing)
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc.
- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation -
C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd .exe
O23 - Service: CAISafe - Computer Associates International, Inc. -
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner -
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates
International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ
Antivirus\VetMsg.exe

 
Reply With Quote
 
 
 
 
Gubo Dangle
Guest
Posts: n/a
 
      08-15-2006
KS was thinking very hard :
> Would you please look at this hijackthis.log for me? Laptop is running
> very slow. Thanks in advance.
>
>

[snip]

OK I've looked at it. Very nice it was too. Thanks for sharing that
with the world.


 
Reply With Quote
 
 
 
 
Pennywise@DerryMaine.Gov
Guest
Posts: n/a
 
      08-15-2006
"KS" <(E-Mail Removed)> wrote:

>Would you please look at this hijackthis.log for me? Laptop is running
>very slow. Thanks in advance.


eTrust EZ Armor isn't doing you any favors at all.

Copy and paste it to http://hijackthis.de/en

--
Dry Ice Bombs.
http://strmz.com/Clip2382
 
Reply With Quote
 
pcbutts1
Guest
Posts: n/a
 
      08-15-2006
Your system is infected with viruses and Trojans. You have no service packs
installed. Your system is vulnerable big time which is why you are already
infected. Follow the instructions below to clean your system then run HJT
again and post another log.
Download, install, update and run all of the following.

Ad-Aware
http://www.pcbutts1.com/downloads/aawsepersonal.exe

Spybot search and destroy
http://www.pcbutts1.com/downloads/spybotsd14.exe

Ewido Security Suite Trial version
http://www.pcbutts1.com/downloads/ew...4.0.0.172c.exe

Microsoft Windows Defender (Beta2)
http://www.microsoft.com/athome/secu...e/default.mspx

Let the software remove whatever it finds then go here and update your XP
http://update.microsoft.com/microsof....aspx?ln=en-us

Next delete your antivirus software and install this one do a complete scan.
http://www.avast.com/eng/avast_4_home.html


--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"KS" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
> Would you please look at this hijackthis.log for me? Laptop is running
> very slow. Thanks in advance.
>
> Logfile of HijackThis v1.99.1
> Scan saved at 8:05:15 PM, on 14/08/2006
> Platform: Windows XP (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 (6.00.2600.0000)
>



 
Reply With Quote
 
Leythos
Guest
Posts: n/a
 
      08-15-2006
In article <(E-Mail Removed)>, pcbutts1
@seedsv.com says...
> Your system is infected with viruses and Trojans. You have no service packs
> installed. Your system is vulnerable big time which is why you are already
> infected. Follow the instructions below to clean your system then run HJT
> again and post another log.
> Download, install, update and run all of the following.


Only download software you can validate as uncompromised - in the case
of non-vendor site you have no guarantee that the files are unmodified
or uncompromised. Anyone providing a link to a non-vendors site with a
direct download should not be trusted, the vendors sites are the safest
place to download their application.

No person of sound mind would download files from a hack site that
requires a password to access the unknown files when they are available
directly from the vendors.

Always remember - only download files from Trusted Sites.

The following links will take you to vendors sites for Spy Ware / Ad
ware removal tools and also for Antivirus tools. After you install any
of these applications and update them, run them in SAFE MODE to allow
them to properly clean your system.

First, make sure that your Java is updated to the latest version:
http://www.java.com/en/download/index.jsp

These sites are for downloading Anti-Malware and Anti-Spyware tools, in
order that I would use them myself:

Dave Lipman's tools:
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Secured2K's AntiPauper (download link/info at)
http://forums.mcafeehelp.com/viewtopic.php?t=65072

AdAwareSE can be found here:
http://www.lavasoft.de/support/download/

SpyBot Search and Destroy can be found here:
http://www.safer-networking.org/en/download/index.html

HiJack can be found here:
http://www.spywareinfo.com/~merijn/downloads.html

Ewido Security Suite Trial can be found here:
http://www.ewido.net/en/download/

CrapCleaner can be found at the vendors site here:
http://www.ccleaner.com/ccdownload.asp

CleanUp can be found at the vendors site here:
http://www.stevengould.org/software/.../download.html
or from another reputable source:
http://www.tucows.com/get/405276_152071

The following are two links to Antivirus software in order that I would
use them:

You can also download Symantec Trial version of their Antivirus software
from here:
http://www.symantec.com/downloads/

Download AVG Personal Free edition from here:
http://free.grisoft.com/freeweb.php/doc/2/

These are the actual vendors sites, not some unknown or authorized no-
name site. They also don't artificially increase the hits for sites that
get paid for the amount of traffic they can generate like one poster has
admitted to in this group.


--

http://www.velocityreviews.com/forums/(E-Mail Removed)
remove 999 in order to email me
 
Reply With Quote
 
Meat Plow
Guest
Posts: n/a
 
      08-15-2006
On Mon, 14 Aug 2006 19:19:14 -0700, pcbutts1 wrote:

> Subject: Re: Hijackthis log
> From: "pcbutts1" <(E-Mail Removed)>
> Newsgroups: 24hoursupport.helpdesk
> Date: Mon, 14 Aug 2006 19:19:14 -0700
>
> Your system is infected with viruses and Trojans. You have no service
> packs installed. Your system is vulnerable big time which is why you are
> already infected. Follow the instructions below to clean your system then
> run HJT again and post another log.
> Download, install, update and run all of the following.
>
> Ad-Aware
> http://www.pcbutts1.com/downloads/aawsepersonal.exe
>
> Spybot search and destroy
> http://www.pcbutts1.com/downloads/spybotsd14.exe
>
> Ewido Security Suite Trial version
> http://www.pcbutts1.com/downloads/ew...4.0.0.172c.exe
>
> Microsoft Windows Defender (Beta2)
> http://www.microsoft.com/athome/secu...e/default.mspx
>
> Let the software remove whatever it finds then go here and update your XP
> http://update.microsoft.com/microsof....aspx?ln=en-us
>
> Next delete your antivirus software and install this one do a complete
> scan. http://www.avast.com/eng/avast_4_home.html


Don't download any of this crap.

--
COOSN-266-06-25794

Pierre Salinger Memorial Hook, Line & Sinker, June 2004
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Help with Hijackthis!! LOG Warren Briggs Computer Support 2 06-09-2004 02:16 PM
HijackThis help . . . not log file . . . Help nik_marquise Computer Support 1 06-07-2004 11:56 PM
HijackThis log - what do I fix? Mr. Wood Computer Support 6 05-30-2004 05:20 PM
Help with HijackThis! Log ~*Eternity*~ Computer Support 8 05-15-2004 01:06 AM
HijackThis Log UnderDog Computer Support 5 05-08-2004 10:48 PM



Advertisments