Hijackthis log

Discussion in 'Computer Support' started by KS, Aug 15, 2006.

  1. KS

    KS Guest

    Would you please look at this hijackthis.log for me? Laptop is running
    very slow. Thanks in advance.

    Logfile of HijackThis v1.99.1
    Scan saved at 8:05:15 PM, on 14/08/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
    C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\ansyslmd.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\inet20091\services.exe
    C:\WINDOWS\System32\shnlog.exe
    C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\dlbtcoms.exe
    C:\WINDOWS\inet20091\select.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R3 - Default URLSearchHook is missing
    F3 - REG:win.ini: run=C:\WINDOWS\inet20091\services.exe
    O2 - BHO: HP Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} -
    C:\WINDOWS\System32\hp65E5.tmp (file missing)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program
    Files\D-Tools\daemon.exe" -lang 1033 -noicon
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
    Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell
    Photo AIO Printer 922\dlbtbmgr.exe"
    O4 - HKLM\..\Run: [DLBTCATS] rundll32
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [RegSvr32] C:\WINDOWS\System32\msmsgs.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
    C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20091\services.exe
    O4 - HKLM\..\Run: [Microsoft standard protector]
    C:\WINDOWS\inet20091\socks.exe
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program
    Files\Microsoft Works\WkDetect.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN
    Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20091\services.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
    Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program
    Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
    Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .pdf: C:\Program Files\Internet
    Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
    http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload
    Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
    http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
    "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: cfgmngr32 - C:\WINDOWS\system32\hk.dll
    O20 - Winlogon Notify: gg - C:\WINDOWS\adsldpbd.dll (file missing)
    O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll
    O20 - Winlogon Notify: style2 - C:\WINDOWS\q174540.dll (file missing)
    O20 - Winlogon Notify: style32 - C:\WINDOWS\q183059745.dll (file
    missing)
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc.
    - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: ANSYS FLEXlm license manager - Macrovision Corporation -
    C:\PROGRA~1\ANSYSI~1\SHARED~1\LICENS~1\Intel\lmgrd.exe
    O23 - Service: CAISafe - Computer Associates International, Inc. -
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology
    Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe
    O23 - Service: MATLAB Server (matlabserver) - Unknown owner -
    C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA
    Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    C:\Program Files\Common Files\Symantec Shared\Security
    Center\SymWSC.exe
    O23 - Service: VET Message Service (VETMSGNT) - Computer Associates
    International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ
    Antivirus\VetMsg.exe
    KS, Aug 15, 2006
    #1
    1. Advertising

  2. KS

    Gubo Dangle Guest

    KS was thinking very hard :
    > Would you please look at this hijackthis.log for me? Laptop is running
    > very slow. Thanks in advance.
    >
    >

    [snip]

    OK I've looked at it. Very nice it was too. Thanks for sharing that
    with the world.
    Gubo Dangle, Aug 15, 2006
    #2
    1. Advertising

  3. KS

    Guest

    "KS" <> wrote:

    >Would you please look at this hijackthis.log for me? Laptop is running
    >very slow. Thanks in advance.


    eTrust EZ Armor isn't doing you any favors at all.

    Copy and paste it to http://hijackthis.de/en

    --
    Dry Ice Bombs.
    http://strmz.com/Clip2382
    , Aug 15, 2006
    #3
  4. KS

    pcbutts1 Guest

    Your system is infected with viruses and Trojans. You have no service packs
    installed. Your system is vulnerable big time which is why you are already
    infected. Follow the instructions below to clean your system then run HJT
    again and post another log.
    Download, install, update and run all of the following.

    Ad-Aware
    http://www.pcbutts1.com/downloads/aawsepersonal.exe

    Spybot search and destroy
    http://www.pcbutts1.com/downloads/spybotsd14.exe

    Ewido Security Suite Trial version
    http://www.pcbutts1.com/downloads/ewido-setup_4.0.0.172c.exe

    Microsoft Windows Defender (Beta2)
    http://www.microsoft.com/athome/security/spyware/software/default.mspx

    Let the software remove whatever it finds then go here and update your XP
    http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

    Next delete your antivirus software and install this one do a complete scan.
    http://www.avast.com/eng/avast_4_home.html


    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com



    "KS" <> wrote in message
    news:...
    > Would you please look at this hijackthis.log for me? Laptop is running
    > very slow. Thanks in advance.
    >
    > Logfile of HijackThis v1.99.1
    > Scan saved at 8:05:15 PM, on 14/08/2006
    > Platform: Windows XP (WinNT 5.01.2600)
    > MSIE: Internet Explorer v6.00 (6.00.2600.0000)
    >
    pcbutts1, Aug 15, 2006
    #4
  5. KS

    Leythos Guest

    In article <>, pcbutts1
    @seedsv.com says...
    > Your system is infected with viruses and Trojans. You have no service packs
    > installed. Your system is vulnerable big time which is why you are already
    > infected. Follow the instructions below to clean your system then run HJT
    > again and post another log.
    > Download, install, update and run all of the following.


    Only download software you can validate as uncompromised - in the case
    of non-vendor site you have no guarantee that the files are unmodified
    or uncompromised. Anyone providing a link to a non-vendors site with a
    direct download should not be trusted, the vendors sites are the safest
    place to download their application.

    No person of sound mind would download files from a hack site that
    requires a password to access the unknown files when they are available
    directly from the vendors.

    Always remember - only download files from Trusted Sites.

    The following links will take you to vendors sites for Spy Ware / Ad
    ware removal tools and also for Antivirus tools. After you install any
    of these applications and update them, run them in SAFE MODE to allow
    them to properly clean your system.

    First, make sure that your Java is updated to the latest version:
    http://www.java.com/en/download/index.jsp

    These sites are for downloading Anti-Malware and Anti-Spyware tools, in
    order that I would use them myself:

    Dave Lipman's tools:
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm

    Secured2K's AntiPauper (download link/info at)
    http://forums.mcafeehelp.com/viewtopic.php?t=65072

    AdAwareSE can be found here:
    http://www.lavasoft.de/support/download/

    SpyBot Search and Destroy can be found here:
    http://www.safer-networking.org/en/download/index.html

    HiJack can be found here:
    http://www.spywareinfo.com/~merijn/downloads.html

    Ewido Security Suite Trial can be found here:
    http://www.ewido.net/en/download/

    CrapCleaner can be found at the vendors site here:
    http://www.ccleaner.com/ccdownload.asp

    CleanUp can be found at the vendors site here:
    http://www.stevengould.org/software/cleanup/download.html
    or from another reputable source:
    http://www.tucows.com/get/405276_152071

    The following are two links to Antivirus software in order that I would
    use them:

    You can also download Symantec Trial version of their Antivirus software
    from here:
    http://www.symantec.com/downloads/

    Download AVG Personal Free edition from here:
    http://free.grisoft.com/freeweb.php/doc/2/

    These are the actual vendors sites, not some unknown or authorized no-
    name site. They also don't artificially increase the hits for sites that
    get paid for the amount of traffic they can generate like one poster has
    admitted to in this group.


    --


    remove 999 in order to email me
    Leythos, Aug 15, 2006
    #5
  6. KS

    Meat Plow Guest

    On Mon, 14 Aug 2006 19:19:14 -0700, pcbutts1 wrote:

    > Subject: Re: Hijackthis log
    > From: "pcbutts1" <>
    > Newsgroups: 24hoursupport.helpdesk
    > Date: Mon, 14 Aug 2006 19:19:14 -0700
    >
    > Your system is infected with viruses and Trojans. You have no service
    > packs installed. Your system is vulnerable big time which is why you are
    > already infected. Follow the instructions below to clean your system then
    > run HJT again and post another log.
    > Download, install, update and run all of the following.
    >
    > Ad-Aware
    > http://www.pcbutts1.com/downloads/aawsepersonal.exe
    >
    > Spybot search and destroy
    > http://www.pcbutts1.com/downloads/spybotsd14.exe
    >
    > Ewido Security Suite Trial version
    > http://www.pcbutts1.com/downloads/ewido-setup_4.0.0.172c.exe
    >
    > Microsoft Windows Defender (Beta2)
    > http://www.microsoft.com/athome/security/spyware/software/default.mspx
    >
    > Let the software remove whatever it finds then go here and update your XP
    > http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
    >
    > Next delete your antivirus software and install this one do a complete
    > scan. http://www.avast.com/eng/avast_4_home.html


    Don't download any of this crap.

    --
    COOSN-266-06-25794

    Pierre Salinger Memorial Hook, Line & Sinker, June 2004
    Meat Plow, Aug 15, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. UnderDog

    HijackThis Log

    UnderDog, May 8, 2004, in forum: Computer Support
    Replies:
    5
    Views:
    5,601
    Boomer
    May 8, 2004
  2. ~*Eternity*~

    Help with HijackThis! Log

    ~*Eternity*~, May 14, 2004, in forum: Computer Support
    Replies:
    8
    Views:
    785
    Toolman Tim
    May 15, 2004
  3. Mr. Wood

    HijackThis log - what do I fix?

    Mr. Wood, May 30, 2004, in forum: Computer Support
    Replies:
    6
    Views:
    531
    Toolman Tim
    May 30, 2004
  4. nik_marquise

    HijackThis help . . . not log file . . . Help

    nik_marquise, Jun 8, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    368
    ┬░Mike┬░
    Jun 8, 2004
  5. Warren Briggs

    Help with Hijackthis!! LOG

    Warren Briggs, Jun 9, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    558
    discogail
    Jun 9, 2004
Loading...

Share This Page