Windows Support Forum

Can you review this HP Pavilion G6-1009ea

Q: Can you review this HP Pavilion G6-1009ea

Hey guys,
I need a cheap laptop that shouldn't be used for much more than MS Office and casual gaming, for games like Dawn of War S1, Dawn of War S2, World of Warcraft and other such games and RTSs, could anyone check it out for me? I've had a look but i'd like more opinions.

Link ---> PC World ---> HP Pavilion G6-1009ea - Red

Dual Core Processer 2.3GHz
ATI Mobility Radeon HD 4250
4GB RAM
500GB HDD

Relevancy 100%
Preferred Solution: Can you review this HP Pavilion G6-1009ea

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Can you review this HP Pavilion G6-1009ea

We could help you out more effectively if you posted a link to the machine.

http://www.techspot.com/community/topics/can-you-review-this-hp-pavilion-g6-1009ea.167340/
Relevancy 54.18%

My Experience with nbsp HP Pavilion Notebook - -g ca nbsp nbsp Overall I liked nbsp this and not HP product enough to keep it which is the only assessment that matters nbsp I did have huge issues with this product but most of it was due to Microsoft Windows bungles not HP nbsp Battery nbsp Insuffient but thats not what this laptop is designed for nobodys going to lug this thing around its too heavy nbsp Fot its intended purpose the battery is actually sufficient otherwide the unit would be even heavier nbsp Keyboard nbsp No issues everything is well thought out IMO nbsp Touchpad nbsp Has a learning curve but once you train yourself I abandoned my mouse nbsp Has issues with non button nbsp taps and doubleclicks being missed training helps but does not eliminate nbsp Two finger scroll actually works well nbsp Sound nbsp Sound through headpne jack is exceptional IMO nbsp The B amp O speakers tuning isn't going to fool anyone but don't sound horrendous Compelling lLaptop sound simply can't be done without redifining the laptop nbsp Review Pavilion 17-g198ca HP - Notebook nbsp I have a Sony X bluetooth I use for this purpose and it sounds great nbsp Don't buy the bigger ones as they have HP Pavilion Notebook - 17-g198ca Review some alien DSP that you can't turn OFF nbsp CPU and Graphics load can make it stutter but you have to try pretty hard nbsp Screen Superb in both colour black angle and brightness nbsp Mine had minor light bleeding and a single dead pixel that you can't see without a magnifying glass nbsp Ethernet HP Pavilion Notebook - 17-g198ca Review Slow but I never get near that anyway in real life nbsp Graphics nbsp Anyone who thinks they can play games on this doesn't have very high expectations nbsp For any non-game application this laptop handles it well Rainmeter skins are no issue no matter how complex nbsp USB nbsp Works but not like my desktop nbsp Something is HP Pavilion Notebook - 17-g198ca Review throttling it but it still usable nbsp Bloatware nbsp Not a lot and most excpept the M crap can be removed nbsp External Devices nbsp nbsp Every removable stoage device works well at albiet slower than optimal USB speeds nbsp Extrenal USB audio devices are completely borked on this laptop and maybe every Win one nbsp I have a feeling the B amp O audion is messing things up nbsp No amount of driver voodoo configuation and troubleshooting could get my Creative xFi and Emu to work on this laptop with win nbsp They sort of worked at best nbsp I bought a HDMI to optical converter to deal this this and it works extremely well but takes up my HDMI port nbsp Using this with a SSD nbsp Buying a laptop like this and not putting a SSD in it is kind of a waste nbsp It is slow and tempremental without one IMO nbsp With a SSD you get the experince you paid for nbsp It is rediculous that laptop makers are still shipping with slow RPM drives nbsp You won't like the migration process as it messes up a lot of stuff most of which can be fixed nbsp Never ever repurpose the stock hard disk nbsp Makes recovery drives first as MS cripples this abilty on any copies nbsp Switching out the hard drive is far far too difficult but doable nbsp Window nbsp completely BORKED in many ways nbsp Start menu is a coersive grab that doesn't even work half the time nbsp Forced apps galore nbsp English Canadian Language pack is completely messed up and randomly disables most strart menu searches nbsp Loaction Canada language US is the only combo that works reliably nbsp hours MS chat support nbsp nbsp

http://h30434.www3.hp.com/t5/Notebook-Operating-System-and-Recovery/HP-Pavilion-Notebook-17-g198ca-Review/td-p/5613717
Relevancy 36.98%

Dear everybody! I'm going to buy more 8GB Crucial ram for my laptop. Currently i have 4GB. So i will have 12GB ram total. So Could anyone give me some advices about this. Is it ok ? Is it compatible with my device ?  Thank you.  

A:HP-Pavilion-17-f100-Notebook-PC-series - HP Pavilion Noteboo...

@0xaddr? Memory Supports the following configurations: ? 12288 MB (8192 MB×1+ 4096 MB×1; not supported on computer models with a 32-bit operating system) Your manual here. http://h10032.www1.hp.com/ctg/Manual/c04427554 REO

http://h30434.www3.hp.com/t5/Notebook-Hardware-and-Upgrade-Questions/HP-Pavilion-17-f100-Notebook-PC-series-HP-Pavilion-Notebook/td-p/5748896
Relevancy 36.98%

The sound on my notebook works fine until I connect it via HDMI to an HP Pavilion 24xw monitor.  Then the audio disappears.  If I disconnect it, the audio comes back. I have tried going to the 'Sound' section of the control panel.  There are two options:Speakers Realtek High Definition Audio HP 24xwThe default is Speakers Realtek.  When I use the test facility my notebook plays the test sound.  I have updated to the latest version of the driver. Can someone help with why when plugging in the monitor the audio disappears from my notebook? Thank you so much!

http://h30434.www3.hp.com/t5/Notebook-Audio/HP-Pavilion-Gaming-DPGEK44-connected-via-HP-Pavilion-24xw/td-p/5763908
Relevancy 36.12%

..........hello,

a simple question......will a HP Pavilion 15-n034sa motherboard fit into a HP Pavilion 15-n083sa ?

help me obi-wan youre my only hope!!

 

A:will a HP Pavilion 15-n034sa motherboard fit into a HP Pavilion 15-n083sa ?

Actually that's a hard question, generally its not possible to install another motherboard, sometimes it is. In this case one is an AMD platform and the other is an Intel platform, there could be tons of differences in mounting holes, physical design, clearance, connectors, heat dissipation requirements, cooling systems, etc. Laptops are not like desktops that use more standardized designs.
 

https://forums.techguy.org/threads/will-a-hp-pavilion-15-n034sa-motherboard-fit-into-a-hp-pavilion-15-n083sa.1143967/
Relevancy 36.12%

Hi, I just bought 2 laptops today and wanted it to be in Windows 7 64 bit instead of Windows 10.May I know where to get the Winows 7 drivers?I had tried to search around but I couldn't get Win7 driver.Can you provide me? The laptops I just bought are:HP Pavilion 14-ab175TXHP Pavilion Notebook - 14-ab161tx

http://h30434.www3.hp.com/t5/Notebook-Software-and-How-To-Questions/HP-Pavilion-14-ab175TX-amp-HP-Pavilion-Notebook-14-ab161tx/td-p/5636669
Relevancy 36.12%

I have a Genuine Microsoft DVD DV4 not does ... Pavilion internal Pavilion UEFI show dvd using for Windows When I put the Bios in UEFI boot mode It does not boot from the DVD or Pavilion DV4 Pavilion using UEFI does not show internal dvd ... if i use a USB bootable stick nbsp formatted using APT format When I hit esc on boot and select the boot devices to boot from nothing is shown nbsp If nbsp I let it just try to boot it give me a message that no bootable image on hard disk It is a new hard nbsp When I put it in legacy support mode it will boot either the USB or the internal DVD but I want to use UEFI and the new APT format for security What device can you buy so this laptop nbsp will boot something that is portable media on this bios nbsp It came with this format on the original hard drive with windows nbsp Thanks Buford nbsp HP Pavilion DV - cl with INSYDE F bios from latest update

http://h30434.www3.hp.com/t5/Notebook-Boot-and-Lockup/Pavilion-DV4-Pavilion-using-UEFI-does-not-show-internal-dvd/td-p/5787572
Relevancy 34.83%

I would like to connect my HP Pav 23-1010t All in One Desktop to my HP Pav dm4 laptop.  For the purpose of switching between the two, using the HP Pav 23 video/monitor, keyboard and mouse to control what is on the laptop.  Will a KVM switch work?  Or some other swtich or cables?   

http://h30434.www3.hp.com/t5/Desktop-Hardware-and-Upgrade-Questions/Connect-HP-Pavilion-dm4-Laptop-to-HP-Pavilion-23-All-In-One/td-p/5646024
Relevancy 34.83%

My HP Pavilion 500-205t was destroyed by a lightning strike. The HD is o.k. I have purchased an HP Pavilion 500-490 because the specs were very close.  I  want to use my 205t HD. Both computers are Core i3-4130, have 1 TB 7200 SATA 6G 3.5 HDs, same OS (Windows 7 Pro 64). My question is:  can I swap them out, or do I need to get an external HD enclosure and copy the 205t to the 490? If I need the external HD enclosure, looks like aluminum would be best, but would like recommendation for one which would hold my HD.

http://h30434.www3.hp.com/t5/Desktop-Hardware-and-Upgrade-Questions/Can-I-install-my-HP-Pavilion-500-205t-HD-in-HP-Pavilion-500/td-p/5660060
Relevancy 29.67%

Doing some cleaning up and need an quot expert quot to review this log As always I appreciate your help GRM Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS Log- Could please HJT someone review SYSTEM MSGSRV EXE C HJT Log- Could someone please review WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C PROGRAM FILES GRISOFT AVG AVGSERV EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES email protected email protected C PROGRAM FILES GRISOFT AVG AVGCC EXE C PROGRAM FILES DIGSTREAM DIGSTREAM EXE C WINDOWS HJT Log- Could someone please review SYSTEM DDHELP EXE C WINDOWS SYSTEM WMIEXE EXE HJT Log- Could someone please review C PROGRAM FILES HIJACK THIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS R - HKCU Software Microsoft Internet Explorer Main Start Page http www azcentral com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Cox High Speed Internet O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run seticlient C Program Files email protected email protected -min O - HKLM Run Tweak UI RUNDLL EXE TWEAKUI CPL TweakMeUp O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run AVG CC C PROGRAM FILES GRISOFT AVG avgcc exe startup O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run nwiz nwiz exe install O - HKLM Run DIGStream C Program Files DIGStream digstream exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices Avgserv exe C PROGRA GRISOFT AVG Avgserv exe O - Extra context menu item amp Download with amp DAP - C PROGRA DAP dapextie htm O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Plugin for bcf C PROGRA INTERN Plugins NPBelv dll O - DPF C -D D- D - A - C FF BB BrowseFolderPopup Class - http download mcafee com molbin Shared MGBrwFld cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - DPF B -CDD - F - - B ECD CA CA HearMe VoiceCREATOR - http vp hearme com products vp embedded plugins evp cab O - DPF ABE - - -A B -BF E CAAC HearMe Microphone Configuration Wizard - http www hearme com products vp config plugins evpcfg cab O - DPF Talk City EZTalk - http morechat talkcity com java ezmed ezmed cab O - DPF Yahoo Chat - http us chat yimg com us yimg com i chat applet c chat cab O - DPF CA E D - - D -BF E- C D HearMe VCDownload Class - http eudora voicecontact com vc plugins VC Setup cab O - DPF - B- D - EAC- C D CF iPIX ActiveX Control - http www ipix com viewers ipixx cab O - DPF ESPN com NBA GameCast - http scores espn go com java NBAGameCastInstall cab O - DPF ESPN com MLB GameCast - http scores espn go com java MLBGameCastInstall cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF E A - D F- - - D B MSN Chat Control - http fdl msn com public chat msnchat cab O - DPF E F - B - D - - BD D sys Class - http www pcpitstop com pcpitstop PCPitStop CAB O - DPF B EE-B - D - - BD D iCC Class - http www pcpitstop com internet pcpConnCheck cab O - DPF FB -C - D - F- A C F mhLabel Class - http www pcpitstop com mhLbl cab O - DPF FB FE - D B- D- -C BE AFA F DiskHealth Class - http www pcpitstop com pcpitstop diskhealth cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net fb e def housecall antivirus com housecall xscan cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - ... Read more

https://forums.techguy.org/threads/hjt-log-could-someone-please-review.208760/
Relevancy 29.67%

Hi all I just got done working on a friend of mine s computer She had so many someone Can log? review Please? my HJT trojans Can someone review my HJT log? Please? spyware adware etc that it was absolutely ridiculous All in all I spent over hours getting everything under control with HJT Ad-Aware SB S Can someone review my HJT log? Please? amp D CWShredder RegCleaner Windows Defender and Trend Micro AV Everything seems to be working perfectly now though Anyhow can someone please check over her HJT log and tell me if there is anything there that should be removed so that next time I go over to her place I can remove them I would appreciate it Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Analog Devices Core smax pnp exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Dell Media Experience DMXLauncher exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Trend Micro Internet Security pccguide exe C WINDOWS System DLA DLACTRLW EXE C Program Files HP HP Software Update HPWuSchd exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files Windows Defender MSASCui exe C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe C Program Files DellSupport DSAgnt exe C WINDOWS system ctfmon exe C Program Files Creative MediaSource Detector CTDetect exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system CTsvcCDA EXE C Program Files Digital Line Detect DLG exe C WINDOWS System GEARSec exe C PROGRA TRENDM INTERN PcCtlCom exe C Program Files HP Digital Imaging bin hpqtra exe C WINDOWS system svchost exe C PROGRA TRENDM INTERN Tmntsrv exe C PROGRA TRENDM INTERN tmproxy exe C Program Files HP Digital Imaging bin hpqgalry exe C PROGRA TRENDM INTERN TmPfw exe C WINDOWS system rundll exe C WINDOWS system wuauclt exe C Documents and Settings mary ann Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL www google com ig dell hl en amp client dell-usuk amp channel us R - HKCU Software Microsoft Internet Explorer Main Start Page http gooogle com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk amp channel us O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS System DLA DLASHX W DLL O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run Persistence C WINDOWS system igfxpers ex... Read more

https://forums.techguy.org/threads/can-someone-review-my-hjt-log-please.673438/
Relevancy 29.67%

Hello there husband has infected our laptop I read Log review HJT please the quot tips quot to do first and will post the logs below The laptop has random popup winfx pops to downloand program to fix beagle virus and black worm I do have screen print sample of the messages if that helps Ran HJT HJT Log please review panda ad ware which i alway HJT Log please review run anyway spybot McAfee have corp edition norton so that is alway run and sysclean and a couple of others Logs HJT Log please review are from hjt panda mcafee and sysclean cwshredder stinger spysweeper - I think that's it HJT LOG Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system drivers dcfssvc exe C Program Files NavNT defwatch exe C WINDOWS system drivers KodakCCS exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files NavNT rtvscan exe C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C WINDOWS System svchost exe C Program Files Webroot Spy Sweeper WRSSSDK exe C WINDOWS Explorer EXE C WINDOWS system MsgSys EXE C Program Files NavNT vptray exe C WINDOWS system BacsTray exe C WINDOWS SM BG EXE C WINDOWS system ctfmon exe C Program Files Dell Support DSAgnt exe C WINDOWS system wdfmgr exe C WINDOWS System alg exe C WINDOWS system msiexec exe C WINZIP winzip exe C Documents and Settings Mary Beth Local Settings Temp HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride lt local gt O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO InfoDocReader Object - BA - - D -B DD- BDC - C WINDOWS system byvwt dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run vptray C Program Files NavNT vptray exe O - HKLM Run bacstray BacsTray exe O - HKLM Run SM BG C WINDOWS SM BG EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run DellSupport quot C Program Files Dell Support DSAgnt exe quot startup O - HKCU Run Spyware Doctor quot C Program Files Spyware Doctor swdoctor exe quot Q O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item Backward Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res C Program Files Google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Similar Pages - res C Program Files Google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate into English - res C Program Files... Read more

A:HJT Log please review

I was hoping someone could review my log. Our computer keeps crashing on the internet from bogus popup.

mb

http://www.techsupportforum.com/forums/f284/hjt-log-please-review-96676.html
Relevancy 29.67%

--------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- Created on - - Report-Checksum B CBA Scan result HKLM SOFTWARE Classes ADM ADM - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes ADM ADM CurVer - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes ADM ADM - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes ADM ADM - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes ADM ADM CurVer - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes ADM ADM - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes AppID adm EXE - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes AppID Altnet Signing Module EXE - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes TopSearch TSLink - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes TopSearch TSLink CLSID - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes TopSearch TSLink CurVer - gt Adware Altnet Cleaned with backup HKLM SOFTWARE Classes TopSearch TSLink - gt Adware Altnet Cleaned with these!? review Please backup Please review these!? HKLM SOFTWARE Microsoft Windows CurrentVersion Explorer Browser Helper Objects FA - - c-A CC- EC DE CA - Please review these!? gt Adware RXToolbar Cleaned with backup C Program Files NewDotNet newdotnet dll - gt Adware NewDotNet Cleaned with backup C Program Files INSTAFINK - gt Adware Search Cleaned with backup C Program Files INSTAFINK instafink dll - gt Adware Search Cleaned with backup C Program Files NewDotNet - gt Adware NewDotNet Cleaned with backup C Program Files NewDotNet newdotnet dll - gt Adware NewDotNet Cleaned with backup C Program Files NewDotNet readme html - gt Adware NewDotNet Cleaned with backup C Program Files NewDotNet uninstall exe - gt Adware NewDotNet Cleaned with backup C Program Files NewDotNet uninstall exe - gt Adware NewDotNet Cleaned with backup C Program Files themexp Themexp org File NNWDAB EXE - gt Adware NewDotNet Cleaned with backup C WINDOWS NDNuninstall exe - gt Adware NewDotNet Cleaned with backup C WINDOWS NDNuninstall exe - gt Adware NewDotNet Cleaned with backup Panda Scan Log Incident Status Location Spyware application bestoffer Not disinfected c windows smdat a sys Potentially unwanted tool application need find Not disinfected c program files Need Find Spyware spyware new net Not disinfected c program files NewDotNet Potentially unwanted tool application altnet Not disinfected hkey local machine software microsoft windows currentversion app management arpcache AltnetDM Spyware spyware rxtoolbar Not disinfected Windows Registry Adware adware cws aboutblank Not disinfected Windows Registry Adware adware secure Not disinfected C WINDOWS System drivers etc hosts Spyware Cookie Tribalfusion Not disinfected C Documents and Settings MALCZAKI Cookies malczaki tribalfusion txt Potentially unwanted tool Application Processor Not disinfected C Documents and Settings MALCZAKI Download SmitfraudFix zip SmitfraudFix Process exe Potentially unwanted tool Application Processor Not disinfected C Documents and Settings MALCZAKI Pulpit SmitfraudFix Process exe Potentially unwanted tool Application Need Find Not disinfected C Program Files Need Find bar bin N PLUGIN DLL Potentially unwanted tool Application Need Find Not disinfected C Program Files Need Find bar bin ND FNBAR DLL Potentially unwanted tool Application Need Find Not disinfected C Program Files Need Find bar bin NPND FN DLL Potentially unwanted tool Application Processor Not disinfected C WINDOWS system Process exe Logfile of HijackThis v Scan saved at on - - Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System RunDll exe C PROGRA Grisoft AVGFRE a... Read more

A:Please review these!?

Hello and Welcome to TSF!!

We'll make a pretty broad change to some things. Then we'll see if we can get you updated!

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below. Also if you have any programs that may prevent system changes (like Spybot's TeaTimer program, Ad-aware's Ad-Watch, and others), make sure you disable them before doing any of the fixes (or accept the changes for the fix we give you when asked by the programs).

Go to My Computer->Tools (or View)->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders (it's Show all files for Windows 98).
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

You have an outdated version of HijackThis. Download the newest version at http://www.greyknight17.com/spy/HijackThis.exe and run it.

Before you give us a new log here, if we gave you instructions for a fix, please do the fixes first and then post the new log with this updated version.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the HijackThis log here.

Download Hoster http://www.greyknight17.com/spy/Hoster.exe and run it. Choose the 'Restore Original Hosts' button and press OK.

Download CWShredder at http://www.greyknight17.com/spy/CWShredder.exe and run it. Click on 'I Agree' button if you agree. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!. Don't run it yet!


Download LSPFix.exe as we may need it later.


While running Hijackthis, verify if these entries still exist:

O10 - Broken Internet access because of LSP provider 'c:program filesnewdotnetnewdotnet6_38.dll' missing

If they exist, we would be required to run LSPFix.exe

Instructions for using LSPFixDouble click on LSPFix.exe to run it.
Once running, you will be required to tick the disclaimer - "I know what I'm doing".
You'll find a windows with 2 panes.
In the left pane which is labeled 'Keep', select all instances of this file: newdotnet6_38.dll

Then click on the arrow pointing to the right, >>.
This will move the entry to the right pane labeled 'Remove'
Click the Finish button to complete the fix.
Only entries similar to newdotnet.dll need to be removed. If you see any other entries in the right pane, move them back to the "Keep" pane & post the filenames to inform me.



===============================================================

Restart your computer and boot into Safe Mode (if you don't know how, go to http://www.bleepingcomputer.com/foru...howtutorial=61 ). Make sure to close any open browsers.


Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Prog... Read more

http://www.techsupportforum.com/forums/f284/please-review-these-98570.html
Relevancy 29.67%

Hello My gateway computer has been 'lagging' and sounds like it is downloading something It also flashes outlines of HJT review Log...Please other windows popping out when there is no window being opened or appears visible Also when running java applications - the computer lags and is even slower I have done numerous amounts of scans from Nortan antivirus Spy Sweeper Ewido Lavasoft Ad-Aware and Spybot Search amp destroy All of these come up with nothing wrong and occassionally some cookies in search and destroy I did a free registry scan and it came up with registry problems But since this was a free trial scan it would not let me 'fix' any of these problems unless I purchased their HJT Log...Please review product HJT Log...Please review Anyways here is my HJT log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files ewido security suite ewidoctrl exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe C WINDOWS system svchost exe C Program Files Webroot Spy Sweeper SpySweeper exe C WINDOWS Explorer EXE C WINDOWS zHotkey exe C Program Files Digital Media Reader shwiconem exe C WINDOWS SOUNDMAN EXE C WINDOWS ALCWZRD EXE C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C PROGRA Sony SONICS SsAAD exe C Program Files Webroot Spy Sweeper SpySweeperUI exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Common Files Sony Shared AVLib SSScsiSV exe C Program Files iPod bin iPodService exe C Program Files Common Files Symantec Shared Security Console NSCSRVCE EXE C Program Files AIM aim exe C Program Files Webroot Spy Sweeper SSU EXE C Program Files Mozilla Firefox firefox exe C Program Files Messenger msmsgs exe C Program Files HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www gateway com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - blank file missing O - BHO NAV Helper - A F D D-E - D -B A - BB FDD - C Program Files Norton AntiVirus NavShExt dll O - Toolbar AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar dll O - Toolbar Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - blank file missing O - Toolbar Norton AntiVirus - C E A- F - E-B E- B - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run High Definition Audio Property Page Shortcut HDAudPropShortcut exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run CHotkey zHotkey exe O - HKLM Run ShowWnd ShowWnd exe O - HKLM Run SunKistEM quot C Program Files Digital Media Reader shwiconem exe quot O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run AlcWzrd ALCWZRD EXE O - HKLM Run Microsoft Works Update Detection quot C Program Files Common Files Microsoft Shared Works Shared WkUFind exe quot O - HKLM Run SsAAD exe C PROGRA Sony SONICS SsAAD exe O - HKLM Run SpySweeper quot C Program Files Webroot Spy Sweeper SpySweeperUI exe quot startintray O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp ... Read more

A:HJT Log...Please review

Download AIMfix. Double click on AIMfix.exe to run it. It will creat a log called AIMfix.log when it is finished, please post the contents of that log here along with a new hijackthis log.

Online Scans
Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer If it finds any malware, it may ask you to purchase the program, this is not necessary we will take care of the entries manually.
At the end of the scan click on see report. Then click Save report
Please post that log in your next reply.

In your next post please include:AimFix Log
Panda Activescan Log
A new Hijackthis! Log

http://www.techsupportforum.com/forums/f284/hjt-log-please-review-112023.html
Relevancy 29.67%

I am having a problem that seems to Log HJT Needs Review exhibit a number of issues It seems copy past functions are disabled as I cannot copy and paste files text etc I do not have a Windows task bar My audio does not work I cannot move files or the icons on my desktop I cannot access other computers on my home network ----- Start of my HJT Log HJT Log Needs Review ----- Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C HJT Log Needs Review WINDOWS system svchost exe C WINDOWS System svchost exe C HJT Log Needs Review Program Files Cisco Systems VPN Client cvpnd exe C Program Files Mil Incorporated Mil Shield ShieldService exe C WINDOWS System nvsvc exe C Program Files Common Files Softwin BitDefender Communicator xcommsvr exe C Program Files Common Files Softwin BitDefender Scan Server bdss exe C Program Files Common Files Softwin BitDefender Update Service livesrv exe C WINDOWS Explorer EXE C Program Files Softwin BitDefender vsserv exe C Program Files Softwin BitDefender bdmcon exe C Program Files Softwin BitDefender bdoesrv exe C Program Files Softwin BitDefender bdnagent exe C Program Files Softwin BitDefender bdswitch exe C Program Files Mil Incorporated Mil Shield ShieldWorker exe C Program Files Mozilla Firefox firefox exe C Documents and Settings Jakub Desktop HijackThis exe F - REG system ini UserInit userinit exe O - HKLM Run High Definition Audio Property Page Shortcut HDAShCut exe O - HKLM Run BDMCon quot C Program Files Softwin BitDefender bdmcon exe quot O - HKLM Run BDOESRV quot C Program Files Softwin BitDefender bdoesrv exe quot O - HKLM Run BDNewsAgent quot C Program Files Softwin BitDefender bdnagent exe quot O - HKLM Run BDSwitchAgent quot C Program Files Softwin BitDefender bdswitch exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKCU Run MilShieldSlave quot C Program Files Mil Incorporated Mil Shield ShieldWorker exe quot -logon O - Global Startup Cisco Systems VPN Client lnk C Program Files Cisco Systems VPN Client vpngui exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - ABF A-F D- - D F- D F A - C WINDOWS System dmonwv dll file missing O - Extra 'Tools' menuitem Java - ABF A-F D- - D F- D F A - C WINDOWS System dmonwv dll file missing O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsof O - HKLM System CS Services Tcpip Parameters SearchList ost com O - Protocol ms-help - C -A - D -BBCA- C F EC - C Program Files Common Files Microsoft Shared Help hxds dll O - Service BitDefender Scan Server bdss - Unknown owner - C Program Files Common Files Softwin BitDefender Scan Server bdss exe quot service file missing O - Service Cisco Systems Inc VPN Service CVPND - Cisco Systems Inc - C Program Files Cisco Systems VPN Client cvpnd exe O - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common Files InstallShield Driver Intel IDriverT exe O - Service BitDefender Desktop Update Service LIVESRV - Unknown owner - C Program Files Common Files Softwin BitDefender Update Service livesrv exe quot service file missing O - Service MilShieldCleaner - Unknown owner - C Program Files Mil Incorporated Mil Shield ShieldService exe O - Service NVIDIA Display Driver Service NVSvc - NVIDIA Corporation - C WINDOWS System nvsvc exe O - Service BitDefender Virus Shield VSSERV - Unknown owner - C Program Files Softwin BitDefender vsserv exe quot service file missing O - Service BitDefender Communicator XCOMM - Unknown owner - C Program Files Common Files Softwin B... Read more

A:HJT Log Needs Review

Hi JakubSK and welcome to the Security Forum

There is a possibility that some items are hiding from us. Please follow these instructions carefully.

I'd like you to rename HijackThis.exe (the actual .exe file) to glasgow.exe. Navigate to C:\hjt\HijackThis.exe (or wherever HJT is located)
Right click on HijackThis.exe
Select 'Rename'
Type in glasgow.exe
Press Enter.

Now run another scan (in Normal Mode) and post the new log back here.

http://www.techsupportforum.com/forums/f284/hjt-log-needs-review-117712.html
Relevancy 29.67%

A friend of mine told me about this site and I hope you can help me with the problems that I am experiencing I am receiving pop up adds at an alarming rate I have downloaded HijackThis and ran a log if you can view it for me this Please log review and tell me any suggestions to solve my problems Thank You Logfile of HijackThis v Scan saved at AM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe Please review this log C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files SpyHunter SpyHunter exe C WINDOWS System Ati evxx exe C WINDOWS system HPConfig exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS system RadioSvr exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C Program Files Internet Explorer iexplore exe C WINDOWS System ctfmon exe C WINDOWS System zstatus exe C Program Files Adobe Acrobat Reader AcroRd exe C Program Files Internet Explorer iexplore exe C Documents and Settings Owner Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http dsl sbc yahoo com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us nb hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us nb hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http srch-us nb hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www hp com info e-center-p R - HKLM Software Microsoft Internet Explorer Main Default Search URL http srch-us nb hpwis com R - Please review this log HKLM Software Microsoft Internet Explorer Search CustomizeSearch http srch-us nb hpwis com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride http localhost O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp hp toolkit - B E - D D- DEB- B - D BCF F - C HP EXPLOREBAR HPTOOLKT DLL O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run SpyHunter C Program Files SpyHunter SpyHunter exe O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item Backward amp Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cac amp hed Snapshot of Page - res C Program Files Google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Si amp milar Pages - res C Program Files Google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate into English - res C Program Files Google GoogleToolbar dll cmtrans html O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra button Real com HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - Plugin for mid C Program Files Internet Explorer PLUGINS npqtplugin dll O - Plugin for NPSSView C Program Files Seagate Software Viewers ActiveXViewer NPssView dll O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - IERESET INF START PAGE URL http www hp com info e-c... Read more

A:Please review this log

Start off by uninstalling Spyhunter.

Spyhunter is a travesty and is the cause of your problem

Use Spybot and Adaware (both freeware) to do a proper job
 

https://forums.techguy.org/threads/please-review-this-log.206711/
Relevancy 29.67%

R - HKCU Software Microsoft Internet Explorer Main Search Page http Could log review my someone go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - Could someone review my log HKLM Software Microsoft Internet Explorer Main Default Could someone review my log Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by Sympatico O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run ZoneAlarm Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - Extra button no name - e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe file missing O - Extra 'Tools' menuitem xpsp res dll - - e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe file missing O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Options group INTERNATIONAL International O - Options group TABS Tabbed Browsing O - HKLM System CCS Services Tcpip E CD- CCE- E - - BF D NameServer O - SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - C WINDOWS system wpdshserviceobj dll O - Service avast iAVS Control Service aswUpdSv - ALWIL Software - C Program Files Alwil Software Avast aswUpdSv exe O - Service avast Antivirus - ALWIL Software - C Program Files Alwil Software Avast ashServ exe O - Service avast Mail Scanner - Unknown owner - C Program Files Alwil Software Avast ashMaiSv exe quot service file missing O - Service avast Web Scanner - Unknown owner - C Program Files Alwil Software Avast ashWebSv exe quot service file missing O - Service TrueVector Internet Monitor vsmon - Zone Labs LLC - C WINDOWS system ZoneLabs vsmon exe Thanks

http://www.techsupportforum.com/forums/f284/could-someone-review-my-log-156952.html
Relevancy 29.67%

Tried lots of removal programs but something is still sending out trillions of packets Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C review Can log? my please someone hjt WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe Can someone please review my hjt log? C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS Explorer EXE C Program Files Apoint Apoint exe C WINDOWS system atiptaxx exe C Program Files Sony HotKey Utility HKserv exe C WINDOWS System WScript exe C Program Files Trend Micro Internet Security pccguide exe C Program Files Sony Key Utility va key exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files PowerPanel Program PcfMgr exe C Program Files Apoint Apntex exe C WINDOWS system spoolsv exe C WINDOWS Can someone please review my hjt log? System Ati evxx exe C PROGRA TRENDM INTERN PcCtlCom exe C PROGRA TRENDM INTERN Tmntsrv exe C PROGRA TRENDM INTERN TmPfw exe C PROGRA TRENDM INTERN tmproxy exe C PROGRA TRENDM INTERN PcScnSrv exe C WINDOWS System svchost exe C Program Files Internet Explorer iexplore exe c progra Support com client bin tgcmd exe C Program Files Hijackthis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files adobe acrobat Reader ActiveX AcroIEHelper ocx O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Apoint C Program Files Apoint Apoint exe O - HKLM Run ATIModeChange Ati mdxx exe O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run va key C Program Files Sony Key Utility va key exe O - HKLM Run HKSERV EXE C Program Files Sony HotKey Utility HKserv exe O - HKLM Run ZTgServerSwitch c program files support com client lserver server vbs O - HKLM Run CleanupProgram C Sonysys cleanup exe O - HKLM Run RCScheduleCheck C Program Files VCOM Recovery Commander RCSCHED EXE -CHECK O - HKLM Run pccguide exe quot C Program Files Trend Micro Internet Security pccguide exe quot O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exe O - Global Startup PowerPanel lnk O - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra Tools menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Options group INTERNATIONAL International O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - IERESET INF START PAGE URL http www sony com vaiopeople O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate v V Controls en x client wuweb site cab O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com micro... Read more

https://forums.techguy.org/threads/can-someone-please-review-my-hjt-log.676315/
Relevancy 29.67%

I've been real paranoid about trojans and the like and do review my Can log? someone virus scans Can someone review my log? frequently with Norton and avast Home Edition The other day my computer suddenly crashed and I'm absolutely clueless as to what the cause was It might've been nothing to worry about but I was hoping someone could look this over for me and tell me if there's anything noticeably wrong Thanks in advance Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files LightScribe LSSrvc exe C WINDOWS ehome ehtray exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C hp drivers hplsbwatcher lsburnwatcher exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files HP HP Software Update HPwuSchd exe C Program Files ATI Technologies ATI ACE cli exe C PROGRA ALWILS Avast ashDisp exe C WINDOWS system svchost exe C Program Files DAEMON Tools daemon exe C Program Files Google Gmail Notifier gnotify exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system dllhost exe C WINDOWS system ctfmon exe C Program Files iPod bin iPodService exe C WINDOWS eHome ehmsas exe C Program Files Messenger msmsgs exe C Program Files HP Digital Imaging bin hpqtra exe c Program Files HP Digital Imaging bin hpqSTE exe C Program Files Common Files Symantec Shared Security Console NSCSRVCE EXE C Program Files ATI Technologies ATI ACE cli exe C HP KBD KBD EXE C WINDOWS ALCXMNTR EXE c windows system hpsysdrv exe C WINDOWS System svchost exe C WINDOWS system ntvdm exe C Program Files Adobe Acrobat Reader AcroRd exe C Program Files Winamp winamp exe C Program Files MSN Messenger msnmsgr exe C Program Files AIM aim exe C WINDOWS system wuauclt exe C Program Files Internet Explorer iexplore exe C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY rm seconduser R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TY rm seconduser R - HKCU Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com r fix homepage R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY rm seconduser R - HKLM Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TY rm seconduser R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TY rm seconduser R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY rm seconduser R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http ie redirect hp com svs rdr TY rm seconduser O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper ... Read more

A:Can someone review my log?

You have three Anti-Virus programs running, Norton, Avast and AVG. While it may seem to be added protection for you, this can cause conflict and system instability.

Uninstall 2, and keep one. Post a new log.

http://www.techsupportforum.com/forums/f284/can-someone-review-my-log-95745.html
Relevancy 29.67%

Logfile of HijackThis v Scan saved at HJT - Review please on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System HJT - Review please smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files ewido security suite ewidoctrl exe C Program Files ewido security suite ewidoguard exe C WINDOWS Explorer EXE C Program Files Microsoft SQL Server MSSQL MICROSOFTBCM Binn sqlservr exe C Program Files Microsoft SQL Server MSSQL Binn sqlservr exe C WINDOWS System hkcmd exe C WINDOWS SYSTEM ZoneLabs vsmon exe C WINDOWS BCMSMMSG exe C Program Files Dell AccessDirect dadapp exe C Program Files Dell QuickSet quickset exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS System DSentry exe C WINDOWS system dla tfswctrl exe C PROGRA COMMON XCPCSync TRANSL ErPhn ErTray exe C Program Files Thomson SpeedTouch USB Dragdiag exe C Program Files Common Files Real Update OB realsched exe C Program Files Zone Labs ZoneAlarm zlclient exe C PROGRA Grisoft AVGFRE avgcc exe C WINDOWS System ctfmon exe C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C Documents and Settings SL Desktop HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www euro dell com countries u en default htm R - HKCU Software Microsoft Internet Explorer Main Start Page http www wanadoo co uk R - HKLM Software Microsoft Internet Explorer Main Start Page http www euro dell com countries u en default htm R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www euro dell com countries u en default htm O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run DadApp C Program Files Dell AccessDirect dadapp exe O - HKLM Run Dell QuickSet C Program Files Dell QuickSet quickset exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run StorageGuard quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run XTNDConnect PC - ErPhn C PROGRA COMMON XCPCSync TRANSL ErPhn ErTray exe O - HKLM Run SpeedTouch USB Diagnostics quot C Program Files Thomson SpeedTouch USB Dragdiag exe quot icon O - HKLM Run nvidll nvidll exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run WinNavap Service navapdlls exe O - HKLM Run Compaq Service Drivers navapqwa exe O - HKLM Run Zone Labs Client C Program Files Zone Labs ZoneAlarm zlclient exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM RunServices nvidll nvidll exe O - HKLM RunServices WinNavap Service navapdlls exe O - HKLM RunServices Compaq Service Drivers navapqwa exe O - HKCU Run Compaq Service Drivers navapqwa exe O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU RunServices Compaq Service Drivers navapqwa exe O - Global Startup Microsoft Office OneNote Quick Launch lnk C Program Files Microsoft Office OFFICE ONENOTEM EXE O - Global Startup Service Manager lnk C Program Files Microsoft SQL Server Tools Binn sqlmangr exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Plugin for s... Read more

A:HJT - Review please

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware? SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Spybot Search & Destroy
CWShredder

Download Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link doesn't work) and install it.

*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! If you have a 64 bit Operating System do NOT run Cleanup and let me know as we will use another utility.

Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider to Standard CleanUp!
3. Uncheck the following:Delete Newsgroup cache
Delete Newsgroup Subscriptions
Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.
* CleanUp! will not create any backups!!

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Make sure to close any open browsers.

Click Start->Run - type SERVICES.MSC & then click on the OK button Locate the service - Indexing Provider (arsch)
Double-click on it to open the Properties dialog. Under the General tab, note down the name of "Service name". We shall need it later.
Stop the service by using the Stop button.
Change the Startup type to Disabled & then click on the OK button

Then start HiJackThis & go to Config>Misc.Tools...> Delete an NT service...
In the popup box that appears, type in "Service name" & then click on the OK button


Run Ewido with it's updated definitions:(...it's important that all windows must be closed) Click Scanner
Click Complete System Scan to begin scanning.
Click OK when prompted to clean files
With the first file it prompts to clean, select the option: "Perform action on all infections"
.Choose clean and click OK.
Once finished, click the Save report button & save the report to your desktop

** Ewido scan would require at least an hour.

Run a scan in HijackThis. Check... Read more

http://www.techsupportforum.com/forums/f284/hjt-review-please-75142.html
Relevancy 29.67%

Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected C PROGRAM FILES GRISOFT AVG FREE AVGCC EXE C PROGRAM FILES GRISOFT AVG FREE AVGEMC EXE C PROGRAM FILES GRISOFT AVG FREE AVGAMSVR EXE review HJT log.. need O - HKLM HJT log.. need review Run AVG CC C PROGRA GRISOFT AVGFRE AVGCC EXE STARTUP O - HKLM Run AVG EMC C PROGRA GRISOFT AVGFRE AVGEMC EXE O - HKLM Run AVG AMSVR C PROGRA GRISOFT AVGFRE AVGAMSVR EXE Logfile of HijackThis v Scan saved at PM on Platform Windows Gold Win x MSIE Internet Explorer v SP Running processes c windows SYSTEM KB KB EXE C PROGRAM FILES ONTRACK SYSTEMSUITE MXTASK HJT log.. need review EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http channels aimtoday com search aimtoolbar jsp R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R HJT log.. need review - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - HKLM RunServices KB c windows SYSTEM KB KB EXE O - Startup SystemSuite lnk C Program Files Ontrack SystemSuite MXTask exe O - Startup Quicken Scheduled Updates lnk C QUICKENW bagent exe O - Extra context menu item amp Translate English Word - res C PROGRAM FILES GOOGLE GOOGLETOOLBAR DLL cmwordtrans html O - Extra context menu item Translate Page into English - res C PROGRAM FILES GOOGLE GOOGLETOOLBAR DLL cmtrans html O - Extra 'Tools' menuitem Yahoo Messenger - BBE - E - D -AD - D AD - C PROGRAM FILES YAHOO MESSENGER YHEXBMES DLL O - DPF FA C -B E - D -A - B D IWinAmpActiveX Class - http cdn digitalcity com media dalaillama ampx cab O - DPF Yahoo Chess - http download games yahoo com game ts y ct x cab O - DPF - F - BB - D -FA D F A AB YInstStarter Class - http us dl yimg com download yaho st cab O - DPF Yahoo Chinese Checkers - http download games yahoo com game s y cct x cab O - DPF Yahoo Bingo - http download games yahoo com game ts y xt x cab O - DPF Yahoo Pool - http download games yahoo com game s y pote x cab O - DPF Yahoo Blackjack - http download games yahoo com game ts y jt x cab O - DPF Yahoo Go Fish - http download games yahoo com game ts y zt x cab O - DPF Yahoo Reversi - http download games yahoo com game ts y rt x cab O - DPF B E - ECB- DA- C A- F A FF MsnMessengerSetupDownloadControl Class - http messenger msn com download Ms Downloader cab O - DPF Yahoo Dominoes - http download games yahoo com game s y dot x cab O - DPF D A-B A- C C-AEA - B A DFCB iTunesDetector Class - http ax phobos apple com edgesuite ITDetector cab O - DPF C - E - D - - ED Support com ActionRunner Class - http help rr com Foundrysdccommon ad tgctlar cab O - DPF FC F- C - F-B B - A DE Webshots Photo Uploader - http community webshots com html WSPhotoUploader CAB O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF F F - - - F - DA A D IncrediMail - http www incredimail com contents r imloader cab O - DPF E E - AF- - C -A ADCBF BD HouseCall Control - http housecall trendmicro com housecall xscan cab End of KRC HijackThis Analyzer Log

A:HJT log.. need review

Don't see much in the log. Are you having an issue....or just checking??

http://www.techsupportforum.com/forums/f284/hjt-log-need-review-74077.html
Relevancy 29.67%

If possible could somebody review this hijkack log and advise what to fix as getting windows explorer media has encountered an error and needs to close thanks in advance Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE please review Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost please review exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr please review exe C WINDOWS system spoolsv exe C WINDOWS System MMTray exe C Program Files Elaborate Bytes CloneCD CloneCDTray exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Messenger msmsgs exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Norton Internet Security Professional Norton AntiVirus navapsvc exe C Program Files Norton Internet Security Professional Norton AntiVirus SAVScan exe C Program Files Common Files Symantec Shared SNDSrvc exe C PROGRA NORTON NORTON SPEEDD please review NOPDB EXE C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C PROGRA INCRED bin IMApp exe C WINDOWS explorer exe C Program Files Internet Explorer iexplore exe C Zips HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www couldnotfind com search page html amp account id R - HKCU Software Microsoft Internet Explorer Main Search Page http www couldnotfind com search page html amp account id R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http www couldnotfind com search page html amp account id R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www google co uk R - URLSearchHook no name - B - E- AA-B -B BDF E - no file O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar GameBar - E BD F- B D- E-C FF-FD B BD D - C RECYCLER S- - - - - - - Dc GameBar gamebar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run MMTray MMTray exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run CloneCDTray C Program Files Elaborate Bytes CloneCD CloneCDTray exe O - HKLM Run ElbyCheckElbyCDFL quot C Program Files Elaborate Bytes CloneCD ElbyCheck exe quot L ElbyCDFL O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run URLLSTCK exe C Program Files Norton Internet Security Professional UrlLstCk exe O - HKLM Run Advanced Tools Check C PROGRA NORTON NORTON AdvTools ADVCHK EXE O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run IncrediMail C PROGRA INCRED bin IncMail exe c O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Add animation to IncrediMail Style Box - C PROGRA INCRED bin resources WebMenuImg htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download ma... Read more

A:please review

Click on the link below to download CWShredder. Close all browser windows,UnZip the file, click on the cwshredder.exe then click "Fix" (Not "Scan only") and let it do it's thing.

http://www.merijn.org/files/cwshredder.zip

When it is finished restart your computer.

To help prevent this from happening again, I strongly recommend you install the folowing patches for the vulnerabilities that this hijacker exploits:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-011.asp

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS00-075.asp

*Note: The simplest way to make sure you have all the security patches is to go to Windows update and install all "Critical Updates"
Come back here and post another Hijack This log and we'll get rid of what's left.
 

https://forums.techguy.org/threads/please-review.194322/
Relevancy 29.67%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP I am operating XP with SP and I am having error notices and Comp just isn't working right I have had Tried review-Thanks to log Everything-HJT alot of problems with mt mail too - it syarted with getting Msn premium and the mail going direct to that program and when I got rid of that- it went direct to Hotmail I was using Incredimail but I am unable to now after scanning and cleaning I am able to now use Outlook Express but I don't really want to Any help at all I would be thankful for Running processes C WINDOWS System smss exe C WINDOWS system winlogon Tried Everything-HJT log to review-Thanks exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files TGTSoft StyleXP StyleXPService exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C Program Files QuickTime qttask exe C PROGRA Java J Tried Everything-HJT log to review-Thanks RE bin jusched exe C Program Files Microsoft Hardware Keyboard type exe C WINDOWS kdx KHost exe C Program Files Common Files Real Update OB realsched exe C WINDOWS System spool DRIVERS W X E FATI AA EXE C WINDOWS system F F F F F F F exe C Program Files ProcessGuard pgaccount exe C Program Files MSN Messenger MsnMsgr Exe C Program Files ProcessGuard procguard exe C WINDOWS system DRIVERS CDANTSRV EXE C PROGRA INCRED bin IMApp exe C Program Files ProcessGuard dcsuserprot exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C Program Files Microsoft AntiSpyware gcasDtServ exe C WINDOWS system wscntfy exe C Program Files Internet Explorer iexplore exe C Documents and Settings Owner RENEESCOMP Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http sympatico msn ca R - URLSearchHook no name - A FAF - E- cf- - F A D - no file O - BHO DownloadRedirect Class - - CB - C- C D- FA D D A - no file O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - no file O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - no file O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO wb - BE F D- CAF- c e-B - A A C D EC - C WINDOWS system nsi dll O - BHO no name - A - CFB- a -BDFD- E C - no file O - BHO TGTSoft Explorer Toolbar Changer - C CF - F- - AC-E D C C - C Program Files TGTSoft StyleXP TGT BHO dll O - BHO wingyb bho - F D ACF- F - D -A D - D AE - C WINDOWS wingyb dll O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - Toolbar MSN Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Toolbar msgr en-us en-ca msntb dll O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched C PROGRA Java J RE bin jusched exe O - HKLM Run IntelliType quot C Program Files Microsoft Hardware Keyboard type exe quot O - HKLM Run kdx C WINDOWS kdx KHost exe O - HKLM Run sureshotpopupkiller quot C Program Files Stop-the-Pop-Up Lite stopthepop exe quot -minimized O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - HKLM Run EPSON Stylus CX Series C WINDOWS System spool DRIVERS W X E FATI AA EXE P quot EPSON Stylus CX Series quot O quot USB quot M quot Stylus CX quot O - HKLM Run irassync C WINDOWS system irasyncd exe O - HKLM Run D A B C C A F F F F F F F exe O - HKLM Run pgaccount quot C Program Files ProcessGuard pgaccount exe... Read more

A:Tried Everything-HJT log to review-Thanks

Hello and Welcome to TSF!

Please subscribe to this thread to get immediate notification of fixes as soon as they are posted.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *





Download and unzip - bfu.zip
Run the program and click the Web button located on the top right corner

Copy/Paste this url into the address bar of the Download script window:

http://metallica.geekstogo.com/EGDACCESS.bfu


Checkmark the following boxes:Use settings specified in script for the above option
Show log after script ends
Execute the script by clicking the Execute button.

When it finishes running, click the Save button for a copy of the log
Post the log created by the script & a new HJT log after that.


If you have any questions about the use of BFU please click here


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Please download these additional files/programs. Do not run them untill instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.

CleanUp! - Install.

Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.


'UNPLUG'/DISCONNECT YOUR COMPUTER FROM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


This webpage would not be available when you're carrying out the fix. Please save the following instructions in Notepad. I have customed my instructions on the assumption that you are using Notepad. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your questions before proceeding with the fixes. There should not be any opened browsers when you are carrying out the procedures below.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Click Start->Run - type SERVICES.MSC & then click on the OK button Locate the service - Windows Overlay Components
Double-click on it to open the Properties dialog.
Stop the service by using the Stop button.
Change the Startup type to Disabled & then click on the OK button

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


With HiJackThis & place a check next to these items and select "Fix checked":

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: DownloadRedirect Class - {00000000-6CB0-410C-8C3D-8FA8D2011D0A} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsi39.dll
O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O2 - BHO: wingyb.bho - {F68D4ACF-5F32-4D00-A9D9-62D849AE0451} - C:\WINDOWS\wingyb.dll
O4 - HKLM\..\Run: [irassync] C:\WINDOWS\system32\irasyncd.exe
O4 - HKLM\..\Run: [0D090A0B0C0C0A0] F5F1F2F3F4F4F.exe
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\system32\irasyncd.exe
O4 - HKCU\..\Run: [WinFixer 2005] C:\Program Files\WinFixer 2005\uwfx5.exe /scan
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer 2005\uwfx5.exe" /min... Read more

http://www.techsupportforum.com/forums/f284/tried-everything-hjt-log-to-review-thanks-79473.html
Relevancy 29.67%

Here it is thanks in advance Logfile of HijackThis v Scan saved at PM on Platform Windows Can HJT log Review Someone My XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Norton Can Someone Review My HJT log AntiVirus navapsvc exe C Program Files Norton Norton Utilities NPROTECT EXE C Program Files Norton AntiVirus SAVScan exe C PROGRA Norton SPEEDD nopdb exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS Explorer EXE C Program Files Java j re bin jusched exe C Program Files Lexmark X -X lxbbbmgr exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS System ctfmon exe C Program Files Lexmark X -X lxbbbmon exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files Kazaa Lite K KazaaLite kpp C Program Files Internet Explorer iexplore exe C Documents and Settings Liam Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http login passport net uilogin srf id O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO no name - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Adobe PDF - -D C - Can Someone Review My HJT log - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run Lexmark X -X quot C Program Files Lexmark X -X lxbbbmgr exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra Tools menuitem Sun Java Console HKLM O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x unicode iuctl CAB O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab nbsp

A:Can Someone Review My HJT log

Just noticed you got overlooked here, this should have been posted in security for better assistance. Moving there now.
 

https://forums.techguy.org/threads/can-someone-review-my-hjt-log.189090/
Relevancy 29.67%

Please review this HJT log The only way I can access the system is through safe mode via task manager System only boots to desktop wallpaper never loads icons Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS log 4 HJT review System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS Explorer exe C WINDOWS System wwkyoq exe C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Search Bar res C WINDOWS system fcmrc dll sp html R - HKCU Software HJT log 4 review Microsoft Internet Explorer Main Search Page res C WINDOWS system fcmrc dll sp html R - HKLM Software Microsoft Internet Explorer Main Default Page URL about blank R - HKLM Software Microsoft Internet Explorer Main Default Search URL res C WINDOWS system fcmrc dll sp html R - HKLM Software Microsoft Internet Explorer Main SearchAssistant http www websearch com ie aspx tb id R - HKLM Software Microsoft Internet Explorer Main Search Bar res C WINDOWS system fcmrc dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Page res C WINDOWS system fcmrc dll sp html R - HKCU Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS system fcmrc dll sp html R - HKLM Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS system fcmrc dll sp html R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Int ernet Settings ProxyOverride localhost lt local gt R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing F - REG system ini Shell Explorer exe C winlogon exe F - REG win ini run C WINDOWS inetdata services exe O - BHO no name - E -FFAD- - C - CA F B - no file O - BHO no name - F FA - B- - C - A A - C WINDOWS javakq dll O - HKLM Run xp system C WINDOWS inetdata services exe O - HKLM Run Explorer C WINDOWS System EXPLORER EXE O - HKLM Run Shell Logon C winlogon exe O - HKLM Run Configuration Loader wicualt exe O - HKLM Run COM System Applications lsas exe O - HKLM Run SYSTEM sys exe O - HKLM Run winupdtl C WINDOWS System winupdt exe O - HKLM Run SurfSideKick C Program Files SurfSideKick Ssk exe O - HKLM Run USB controller quot C DOCUME Owner LOCALS Temp ICD tmp svcmm exe quot startup O - HKLM Run gv paj o C Program Files gv paj o gv paj o exe O - HKLM Run version C WINDOWS System Fjjakg exe O - HKLM Run t f U tschost exe O - HKLM Run Dvx C WINDOWS System wsxsvc wsxsvc exe O - HKLM Run vmss C WINDOWS System vmss vmss exe O - HKLM Run AutoUpdater quot C Program Files AutoUpdate AutoUpdate exe quot O - HKLM Run sqnoovum c windows system sqnoovum exe O - HKLM Run AUNPS RUNDLL AUNPS DLL Run O - HKLM Run VBundleOuterDL C Program Files VBouncer BundleOuter EXE O - HKLM Run BullsEye Network C Program Files BullsEye Network bin bargains exe O - HKLM Run CashBack C Program Files CashBack bin cashback exe O - HKLM Run secure C WINDOWS System Ltnllh exe O - HKLM Run saie c windows system saie exe O - HKLM Run Media Pass C Program Files Media Pass MediaPassK exe O - HKLM Run etbrun C windows system elitetbm exe O - HKLM Run WinTools C PROGRA COMMON WinTools WToolsA exe O - HKLM Run WebRebates quot C Program Files Web Rebates WebRebates exe quot O - HKLM Run exp exe C WINDOWS System exp exe O - HKLM Run WinTask driver C WINDOWS System wintask exe O - HKLM Run TBPS C PROGRA Toolbar TBPS exe O - HKLM Run AutoLoaderAproposClient quot C WINDOWS System Cache cxtpls loader exe quot HideUninstall HideDir PC CP FHB ForSupportedBrowsers ShowLegalNote nonbranded O - HKLM Run Windows Service C WINDOWS System dstart exe O - HKLM R... Read more

A:HJT log 4 review

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted.

To be honest, my first impression of your machine is that it's a bad joke. You should seriously reviewing your downloading/browsing habits.

Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.


* * * * * * ADDITIONAL DOWNLOADS * * * * * * * * * * * * * *


Download & install - CleanUp.exe (not recommended for WinXP64)

Download & extract it to it's own folder - About Buster.zip.

LQFix.zip

Download & extract it to it's own folder - smitRem.exe

Download and install Ewido Security SuiteWhen installing, under "Additional Options",uncheck - Install background guard

Have Ewido update itself & then exit the program.
If you are having problems with the updater, you can use this link to manually update Ewido

If you have not already installed Ad-Aware SE 1.06, download and update aawsepersonal.exe

'UNPLUG'/DISCONNECT your computer from the Internet when you have finished downlaoding.
It is IMPORTANT that you don't miss a step & perform everything in the correct order.


* * * * * * UN-INSTALLING PROGRAMS * * * * * * * * * * * * * *


Go to Start -> Control Panel -> Add or Remove Programs and uninstall the following programs: Surf SideKick
vmss
AutoUpdate
VBouncer
BullsEye Network
Cashback
Media Pass
Bargain Buddy
WinTools
WebRebates
ToolBar
Ebates_MoeMoneyMaker
WinTools
Please note any other programs that you dont recognize in that list in your next response


* * * * * * BATCHES / REG FIXES * * * * * * * * * * * * * * * * *


From within LQFix.zip, doubleclick LQFix.bat


* * * * * * DISABLING SERVICES * * * * * * * * * * * * * * * * *


Click Start -> Run - type SERVICES.MSC & then click on the OK button Locate the service - WinTools for IE service (WinToolsSvc)
Double-click on it to open the Properties dialog.
- Stop the service by using the Stop button.
- Change the Startup type to Disabled & then click on the OK button
Then start HiJackThis & go to Config... -> Misc.Tools -> Delete an NT service
In the popup box that appears, copy/paste WinToolsSvc
Click on the OK button & answer No if prompted to reboot
Repeat steps 1-5 for these other services :- Configuration Loader (a3)
O23 - Service: COM+ System Applications (COMS)
SYSTEM
ZESOFT
Network Security Service (?%AF?)

* * * * * * FIXING ENTRIES WITH HIJACKTHIS * * * * * * * * * *


Do a HijackThis scan & place a check next to these items and select "Fix checked":

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us4.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fcmrc.dll/sp.html#12802
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fcmrc.dll/sp.html#12802
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\fcmrc.dll/sp.html#12802
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50220
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fcmrc.dll/sp.html#12802
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fcmrc.dll/sp.html#12802
R1 - HKCU\Software\Microsoft\Int... Read more

http://www.techsupportforum.com/forums/f284/hjt-log-4-review-85985.html
Relevancy 29.67%

Hi, I'm new. I'd like for someone to review my log and see if there's anything un-needed or dangerous to my computer, it's been running slow and occaisonally freezing for up to 30 minutes just recently, I have done a full scan using AVG free and that removed one trojan, but if someone could post the guide to get the logs that'd be fab, and I just want you guys to see if there's anything that shouldn't be there, or that would speed up my computer a little.

I plan on getting about 2 more gigs of RAM for my pc this week, as I'm running Vista with 1gb, which should be enough, but I've heard of people using 6gb, to have there computer running smooth, I have removed mostly all programs that I do not use or need.

Thanks in advance.
 

A:I'd like a log review please.

Anybody...?
 

https://forums.techguy.org/threads/id-like-a-log-review-please.683475/
Relevancy 29.67%

Please review my log Thanks Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C HJT review log my Please WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE c program files mcafee com agent mcdetect exe c PROGRA mcafee com vso mcshield exe c PROGRA mcafee com agent mctskshd exe C WINDOWS Explorer EXE c PROGRA mcafee com vso OasClnt exe C PROGRA McAfee com PERSON MpfService exe C WINDOWS system svchost exe c program files mcafee com vso mcvsshld exe c progra mcafee com vso mcvsescn Please review my HJT log exe c program files mcafee com agent mcagent exe C Program Files Java j re bin jusched exe C Program Files Analog Devices SoundMAX SMax PNP exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files Dell Media Experience PCMService exe C Program Files Common Files Real Update OB realsched exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C PROGRA COMMON INSTAL UPDATE issch exe C Program Files support com bin tgcmd exe C Program Files WildTangent Apps CDA GameDrvr exe C PROGRA McAfee com PERSON MpfTray exe C Program Files QuickTime qttask exe C WINDOWS system dla tfswctrl exe C WINDOWS system hkcmd exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C WINDOWS system igfxpers exe C WINDOWS system intell exe C Program Files Dell Support DSAgnt exe C PROGRA McAfee com PERSON MpfAgent exe C Program Files AIM aim exe C PROGRA AWS WEATHE Weather EXE C PROGRA Comcast COMCAS data Xtras mssysmgr exe C Program Files Philips Photo Manager FunCam Philips FunCam Monitor exe c progra mcafee com vso mcvsftsn exe C Program Files Messenger msmsgs exe C Program Files Internet Explorer iexplore exe C DOCUME Sam LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http bfc myway com search de srchlft html R - HKCU Software Microsoft Internet Explorer Main Search Page http www accoona com R - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www accoona com search assist mpaign wdz R - HKCU Software Microsoft Internet Explorer SearchURL Default http www accoona com search q s R - HKCU Software Microsoft Internet Connection Wizard ShellNext http my netzero net s sp r al amp cf s amp N PLHSEM amp O I R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - URLSearchHook no name - D F -B FE- -BF - AB D D - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO McBrwHelper Class - B AA -DAF - -BD D- F BCB E - c program files mcafee com mps mcbrhlpr dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO My Web Search Bar BHO - EAB C -F EC- b -A BA-D BCAE C - C Program Files MyWebSearchWB bar bin W BAR DLL O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar ZeroBar - F C - FB - FE-BA - E DDE - C Program Files NetZero toolbar dll file missing O - Toolbar AIM Search - D A B-D B- d - A - EE F C - C Program Files AIM Toolbar AIMBar dll O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run SoundMAXPnP C Program Files Analog Devices SoundMAX SMax PNP exe O - HKLM Run IntelMeM C Program Files Intel Modem Event Monitor IntelMEM exe O - HKLM Run PCMService quot C Program Files Dell Media Experience PCMService exe quo... Read more

A:Please review my HJT log

Please follow the instructions on this page MicroBell’s 5 Step Process
http://www.techsupportforum.com//sec...ijackthis.html

Then post another log.

http://www.techsupportforum.com/forums/f284/please-review-my-hjt-log-90131.html
Relevancy 29.67%

Please review the log below I am getting frustrating popups and errors while performing searches on the internet Thanks Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee - Please this help!! Log I need Review mcproxy mcproxy exe c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C PROGRA McAfee MPS mps exe C Program Files McAfee MSK MskSrver Please Review this Log - I need help!! exe C Program Files SiteAdvisor SAService exe C Program Files Please Review this Log - I need help!! Dell Support Center bin sprtsvc exe C WINDOWS system svchost exe C Program Files McAfee MPS mpsevh exe C Program Files Analog Devices Core smax pnp exe C Program Files Java jre bin jusched exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell Media Experience DMXLauncher exe C Program Files Lexmark Series lxbumon exe C Program Files Lexmark Series ezprint exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C WINDOWS system dla tfswctrl exe C Program Files McAfee MSK MskAgent exe C Program Files SiteAdvisor SiteAdv exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files Dell Support Center bin sprtcmd exe C Program Files KODAK Kodak EasyShare software bin EasyShare exe C WINDOWS system lxbucoms exe c PROGRA mcafee com agent mcagent exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Insight Broadband R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - FD D- B- FC- - AE - C Program Files SiteAdvisor SiteAdv dll O - BHO no name - F - E - CC- E -BA E - C WINDOWS system bthc dll O - BHO X IEHook Class - EF -D A - AD-A -E CF - C Program Files NetZero qsacc X IEBHO dll file missing O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptcl dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO CBrowserHelperObject Object - CA C - B - E-A -A C DB F - c Program Files GoogleAFE GoogleAE dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar McAfee SiteAdvisor - BF - F - - - FE E AA - C Program Files SiteAdvisor SiteAdv dll O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched e... Read more

A:Please Review this Log - I need help!!

I replied here: http://forums.techguy.org/malware-r...681700-hijack-log-popups-search-problems.html
 

https://forums.techguy.org/threads/please-review-this-log-i-need-help.681683/
Relevancy 29.67%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system Please review my log! winlogon exe C WINDOWS system services Please review my log! exe C WINDOWS system lsass exe C Please review my log! WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C PROGRA COMMON AOL ACS AOLacsd exe C Program Files ewido anti-malware ewidoctrl exe C Program Files Analog Devices Core smax pnp exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Java j re bin jusched exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell Media Experience DMXLauncher exe C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe C Program Files Common Files Ahead lib NMBgMonitor exe C WINDOWS system wscntfy exe C Program Files BitTornado btdownloadgui exe C AIM aim exe C Program Files Windows NT Accessories wordpad exe C Program Files Outlook Express msimn exe C Program Files Trend Micro Internet Security TMAS OE TMAS OE exe C Agent agent exe C Program Files BitTornado btdownloadgui exe C Program Files BitTornado btdownloadgui exe C Program Files BitTornado btdownloadgui exe C Program Files BitTornado btdownloadgui exe C Program Files DVD Shrink DVD Shrink exe C Program Files BitTornado btdownloadgui exe C Program Files Internet Explorer iexplore exe C Documents and Settings Matt Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www pollstar com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run Persistence C WINDOWS system igfxpers exe O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run IntelMeM C Program Files Intel Modem Event Monitor IntelMEM exe O - HKLM Run DVDLauncher quot C Program Files CyberLink PowerDVD DVDLauncher exe quot O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run DMXLauncher C Program Files Dell Media Experience DMXLauncher exe O - HKLM Run pccguide exe quot C Program Files Trend Micro Internet Security pccguide exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKCU Run DellSupport quot C Program Files Dell Support DSAgnt exe quot startup O - HKCU Run OE OEM quot C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe quot O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run AIM C AIM aim exe -cnetwait odl O - HKCU Run Yahoo Pager C Program Files Yahoo Messenger ypager exe -quiet O - HKCU Run BgMonitor E - C C- d f- C - D A B AA quot C Program Files Common Files Ahead lib NMBgMonitor exe quot O - Global Startup America Online Tray Icon lnk C Program Files America Online aoltray exe O - Global Startup dlbcserv lnk C Program Files Dell Photo Printer dlbcserv exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA... Read more

A:Please review my log!

Is this the same machine as this one?

http://www.techsupportforum.com//sec...kthis-log.html

http://www.techsupportforum.com/forums/f284/please-review-my-log-91936.html
Relevancy 29.67%

Hey guys I was wondering if you could need to one Just please. log, this review some PLEASE review Just need some one to review this log, please. my HJT log and let me know if you see any discrepancies THANKS A LOT Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files TGTSoft StyleXP StyleXPService exe C WINDOWS system Just need some one to review this log, please. spoolsv exe C Program Files Just need some one to review this log, please. CacheBoost cbsrv exe C Program Files Executive Software Diskeeper DkService exe C Program Files Network Associates Common Framework FrameworkService exe C Program Files Network Associates VirusScan Mcshield exe C Program Files Network Associates VirusScan VsTskMgr exe C WINDOWS System nvsvc exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files BroadJump Client Foundation CFD exe C Program Files CacheBoost trayicon exe C Program Files Network Associates VirusScan SHSTAT EXE C Program Files Network Associates Common Framework UpdaterUI exe C Program Files Analog Devices SoundMAX SMax PNP exe C Program Files Analog Devices SoundMAX Smax exe C WINDOWS System wuauclt exe C Program Files Common Files InstallShield UpdateService issch exe C WINDOWS System gdg d f exe C Program Files Java j re bin jusched exe C Program Files Common Files Real Update OB realsched exe C WINDOWS System RUNDLL EXE C Program Files TGTSoft StyleXP StyleXP exe C Program Files Xfire Xfire exe C Program Files HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http mail yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Comcast R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll file missing O - BHO Dictionary com - F A-B - d - A- F CF B - C WINDOWS Downloaded Program Files CONFLICT lexbar dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - Toolbar MSN - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar Dictionary com - F A-B - D - A- F CF B - C WINDOWS Downloaded Program Files CONFLICT lexbar dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run BJCFD C Program Files BroadJump Client Foundation CFD exe O - HKLM Run CacheBoost C Program Files CacheBoost trayicon exe O - HKLM Run ShStatEXE quot C Program Files Network Associates VirusScan SHSTAT EXE quot STANDALONE O - HKLM Run McAfeeUpdaterUI quot C Program Files Network Associates Common Framework UpdaterUI exe quot StartedFromRunKey O - HKLM Run Openwares LiveUpdate C Program Files LiveUpdate LiveUpdate exe O - HKLM Run SoundMAXPnP C Program Files Analog Devices SoundMAX SMax PNP exe O - HKLM Run SoundMAX quot C Program Files Analog Devices SoundMAX Smax exe quot tray O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run tgcmd C Program Files Support com bin tgcmd exe server startmonitor deaf O - HKLM Run gdg... Read more

A:Just need some one to review this log, please.

Hi and Welcome to TSF

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware? SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Spybot Search & Destroy
CWShredder

Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT)

Please go to at least two of these sites and run an online Virus Scan.
Be sure to have the AutoFix box(s) checked.

http://housecall.trendmicro.com/
http://www3.ca.com/virusinfo/virusscan.aspx
http://www.pandasoftware.com/actives..._principal.htm
http://www.bitdefender.com/scan/license.php
http://us.mcafee.com/root/mfs/default.asp
http://security.symantec.com/sscv6/d...d=ie&venid=sym
http://www3.ca.com/virusinfo/virusscan.aspx

After you complete those steps..please update your version of hijackthis and post another log.

http://www.techsupportforum.com/forums/f284/just-need-some-one-to-review-this-log-please-74073.html
Relevancy 29.67%

Few weeks ago I got attacked by a coupla viruses but was able to delete with out any problems to review HJT log my PC Lately AVG Spybot and Adaware havent picked up anything but its better safe that sorry If anyone sees anything fishy please let me know and if and how I can fix thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes HJT log review C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C HJT log review WINDOWS system spoolsv exe C WINDOWS Nhksrv exe C WINDOWS System PackethSvc exe C PROGRA Grisoft AVG avgserv exe C WINDOWS System svchost exe C WINDOWS System MsPMSPSv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Common Files Real Update OB realsched exe C Program Files Internet Explorer iexplore exe C WINDOWS System ctfmon exe C Documents and Settings Dan My Documents hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main SearchURL http ie shopforgood com R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - Default URLSearchHook is missing O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - E BD F- B D- E-D E -F B BF A - C WINDOWS System webalize dll O - BHO no name - E - ADF- EC-AEA -ACB B F - C PROGRA MACROE iCapture dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run AVG CC C Program Files Grisoft AVG avgcc exe startup O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run RunDLL rundll exe quot C WINDOWS Downloaded Program Files bridge dll quot Load O - HKLM Run whpddsqz C WINDOWS System qutszrne exe O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - HKCU Run PSD Tools Channel C Program Files Common Files PSD Tools ChannelUp exe O - Extra context menu item amp Define - C Program Files Common Files Microsoft Shared Reference A ERS DEF HTM O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item LimeShop Preferences - file c Program Files topMoxie TEMP limeshop script htm O - Extra context menu item Look Up in amp Encyclopedia - C Program Files Common Files Microsoft Shared Reference A ERS ENC HTM O - Extra button Encarta Encyclopedia HKLM O - Extra Tools menuitem Encarta Encyclopedia HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Yahoo Messenger HKLM O - Extra button Define HKLM O - Extra Tools menuitem Define HKLM O - Extra button ICQ HKLM O - Extra Tools menuitem ICQ HKLM O - Extra button AIM HKLM O - Extra button Real com HKLM O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF JT s Blocks - http download games yahoo com games clients y blt x cab O - DPF Tornado - http download games yahoo com games clients y t t x cab O - DPF Yahoo Dice - http download games yahoo com games clients y dct x cab O - DPF Yahoo Hearts - http download games yahoo com games clients y ht x cab O - DPF Yahoo NFL GameChannel StatTracker - http aud sports sc yahoo com java y nflgcst x cab O - DPF Yahoo Spelldown - http download games yahoo com games clients y sdt x cab O - DPF Yahoo Towers - http download games yahoo com games clients y ywt x cab O - DPF Yahoo Word Racer - http download games yahoo com games clients y wt x cab O - DPF B CFB- - -A -C A C Checker... Read more

Relevancy 29.67%

Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Can New. my LOG..ThAnks someone I'm Review Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS EXPLORER EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT CPQEADM EXE C WINDOWS SYSTEM ATIPTAXX EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT BTTNSERV EXE C PROGRAM FILES NORTON ANTIVIRUS NAVAPW EXE C PROGRAM FILES ZONE LABS ZONEALARM ZLCLIENT EXE C PROGRAM FILES MSN MESSENGER MSNMSGR EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT EAUSBKBD EXE C WINDOWS SYSTEM DDHELP EXE C I'm New. Can someone Review my LOG..ThAnks PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS DESKTOP NEW FOLDER HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http I'm New. Can someone Review my LOG..ThAnks yahoo ca O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run CPQEASYACC C Program Files Compaq Easy Access Button Support cpqeadm exe O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run ScanRegistry c windows scanregw exe autorun O - HKLM Run NAV DefAlert C PROGRA NORTON DEFALERT EXE O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run Zone Labs Client C PROGRA ZONELA ZONEAL zlclient exe O - HKLM RunServices TrueVector C WINDOWS SYSTEM ZONELABS VSMON EXE -service O - HKLM RunServices ScriptBlocking quot C Program Files Common Files Symantec Shared Script Blocking SBServ exe quot -reg O - HKCU Run MsnMsgr quot c Program Files MSN Messenger MsnMsgr Exe quot background O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra Tools menuitem Sun Java Console HKLM O - Plugin for spop C PROGRA INTERN Plugins NPDocBox dll O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x ansi iuctl CAB O - DPF F C -ABBF- - F - B BA E Compaq System Data Class - http www compaq com falco SysQuery cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - DPF E D DE - - -A - DFAD A D MessengerStatsClient Class - http messenger zone msn com binary MessengerStatsClient cab O - DPF F-F B- B D- DF- B B Minesweeper Flags Class - http messenger zone msn com binary MineSweeper cab O - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http www apple com qtactivex qtplugin cab O - DPF F -B - -A -B BB A C - http a g akamai net pple com bonnie us win QuickTimeInstaller exe O - DPF D F -B F - D - AB- C C E Windows Media Player - http activex microsoft com activex controls mplayer en nsmp inf cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandasoftware com activescan as asinst cab Should i be worried about anything Thanks in advance nbsp

A:I'm New. Can someone Review my LOG..ThAnks

Hi FireStrom

Welcome to TSG!

Your HJT log is clean!
 

https://forums.techguy.org/threads/im-new-can-someone-review-my-log-thanks.213230/
Relevancy 29.67%

having major issues - can anyone help Logfile of Trend Micro HijackThis v BETA Scan saved at on Platform Windows XP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe log my review pls C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS review my log pls system spoolsv exe C WINDOWS Explorer EXE C Program Files Logitech iTouch iTouch exe C WINDOWS System RunDLL exe C WINDOWS System bcmwltry exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Google Google Updater GoogleUpdater exe C Program Files VIA RAID raid tool exe C PROGRA Grisoft AVG avgupsvc exe C Program Files Google Common Google Updater GoogleUpdaterService exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Files iPod bin iPodService exe C WINDOWS System wuauclt exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgemc exe C Program Files Grisoft AVG avgcc exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Documents and Settings Nick W Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk O - BHO no name - D E - - C A- CAA- B F E e - C WINDOWS System kmrlrjas dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO no name - DB C-BDBF- f- F - B DDA B - C WINDOWS System wsxfkray dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO no name - DBF C D-D - CD -AA - D A D A - C WINDOWS System vtstq dll file missing O - BHO no name - DED B - B- EB- C- AECF A D - C WINDOWS System ssqpqrp dll file missing O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run zBrowser Launcher C Program Files Logitech iTouch iTouch exe O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RunDLL exe NvMCTray dll NvTaskbarInit O - HKLM Run bcmwltry bcmwltry exe O - HKLM Run removecpl RemoveCpl exe O - HKLM Run Client Server Runtime Process C WINDOWS System csrs exe O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run clcl C WINDOWS System clcl exe O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run WindowsUpdate rundll exe quot C WINDOWS System skcurnwe dll quot realset O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User 'LOCAL SERVICE' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVG avgw exe RUNONCE User 'LOCAL SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User 'NETWORK SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User 'SYSTEM' O - HKUS DEFAULT Run CTFMON EXE C WINDOWS System CTFMON EXE User 'Default user' O - Global Startup Google Updater lnk C Program Files Google Google Updater GoogleUpdater exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup VIA RAID TOOL lnk C Program Files VIA RAID raid tool exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Related - c fe - f d- d -a b- aa c a - C WINDO... Read more

A:review my log pls

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

I see you're using HJT v2 Beta

As v2 is still in Beta. We prefer to use version 1.99.1 at this time. Please uninstall HJT v2 Beta

Next, download and use version 1.99.1, .

Here's the link:

http://www.merijn.org/files/HijackThis.exe

---------------------------------------------------------------------------------------------

Please go to: VirusTotalAt the top of the page you'll find a "Browse" button.
Next to the browse button you'll see a box to enter text.
Please copy/paste the following in BOLD:

C:\WINDOWS\System32\clcl6.exe

Then click the "Send" button at the top of the VirusTotal page.
This will scan the file. Please be patient.
Once scanned, copy and paste the results in your next reply.


---------------------------------------------------------------------------------------------

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

We'll use this later.

Download combofix.exe to your desktop.
Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

---------------------------------------------------------------------------------------------

Once ComboFix has finished it's routine....

Open HijackThis v1.99.1 and click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any) and click Fix Checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9DBF8C4D-D125-4CD3-AA34-0D22A7D9A876} - C:\WINDOWS\System32\vtstq.dll (file missing)
O2 - BHO: (no name) - {9DED2B32-743B-47EB-874C-28AECF2A268D} - C:\WINDOWS\System32\ssqpqrp.dll (file missing)
O4 - HKLM\..\Run: [clcl6] C:\WINDOWS\System32\clcl6.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O20 - Winlogon Notify: ssqpqrp - ssqpqrp.dll (file missing)
O20 - Winlogon Notify: vtstq - C:\WINDOWS\System32\vtstq.dll (file missing)


Close HijackThis now.

---------------------------------------------------------------------------------------------

Please then reboot your computer in Safe Mode by doing the following :Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.
Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC res... Read more

http://www.techsupportforum.com/forums/f284/review-my-log-pls-156950.html
Relevancy 29.67%

A couple of days ago my log review Please my internet all of a sudden stopped working and windows was firewalling it Its working again now but I ran HijackThis just in case Here's my log can you tell me if there is anything suspicious in here Thanks Logfile of HijackThis Please review my log v Please review my log Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS RTHDCPL EXE C Program Files Java jre bin jusched exe C PROGRA Grisoft AVGFRE avgcc exe C Program Files ATI Technologies ATI ACE CLI EXE C Program Files QuickTime qttask Please review my log exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files TheWeatherNetwork WeatherEye WeatherEye exe C Program Files Skype Phone Skype exe C Program Files Logitech MouseWare system em exec exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C WINDOWS system svchost exe C Program Files Skype Plugin Manager skypePM exe C Program Files iPod bin iPodService exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C Program Files MSN Messenger usnsvc exe C Documents and Settings Dustin Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO BitComet ClickCapture - F E - A- B A-BCAF- B BFDFEA - C Program Files BitComet tools BitCometBHO dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE CLIStart exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run WeatherEye C Program Files TheWeatherNetwork WeatherEye WeatherEye O - HKCU Run Skype quot C Program Files Skype Phone Skype exe quot nosplash minimized O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp D amp ownload amp with BitComet - res C Program Files BitComet BitComet exe AddLink htm O - Extra context menu item amp D amp ownload all video with BitComet - res C Program Files BitComet BitComet exe AddVideo htm O - Extra context menu item amp D amp ownload all with BitComet - res C Program Files BitComet BitComet exe AddAllLink htm O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button BitC... Read more

http://www.techsupportforum.com/forums/f284/please-review-my-log-186268.html
Relevancy 29.67%

Computer been running slow and too many pop ups and ads Is there anything I should get rid of Thank you Laura Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Microsoft Shared Please review HJT log! VS Debug mdm exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System svchost exe C WINDOWS System BRMFRSMG EXE C WINDOWS Explorer EXE C WINDOWS System pctspk exe C PROGRA NORTON navapw exe C Program Files Java j re bin jusched exe C WINDOWS System wjview exe C WINDOWS System ctfmon exe C PROGRA YAHOO browser ycommon exe C Program Files Yahoo browser ybrowser exe C PROGRA SBCYAH CONNEC CONNEC EXE C PROGRA Yahoo browser YBrowser exe C PROGRA Yahoo browser YBrowser exe C Documents and Settings Denise Harrold Desktop HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Start Page http yahoo sbc com dial R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer R - HKCU Software Microsoft Internet Explorer SearchURL Please review HJT log! Default http red clientapps yahoo com customize ie defaults su sbcydial http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www searchforit com O - BHO no name - D -C F - efb- B - ECA - C Program Files Yahoo Common ycomp dll O - BHO myBar BHO - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - BHO no name - E CB- - F - FD - EC E AAE - C Program Files Surfapps com PopThis Free Version PopThis dll O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Common ycomp dll O - Toolbar My amp Search Bar - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - HKLM Run Omnipage E opware exe O - HKLM Run Evidence Eliminator C Program Files Evidence Eliminator ee exe m O - HKLM Run PCTVOICE pctspk exe O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run WinampAgent quot C Program Files Winamp winampa exe quot O - HKLM Run TrojanScanner C Program Files Trojan Remover Trjscan exe O - HKLM Run ScanSoft OmniPage Pro Registration Reminder quot E EregEng NAVBrowser exe quot r i quot E EregEng NavLoad ini quot O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run DiscoverDeskshop C Program Files Discover Deskshop Deskshop exe dontopenmycards O - HKLM Run YBrowser C Program Files Yahoo browser ybrwicon exe O - HKLM Run IPInSightMonitor quot C Program Files SBC Yahoo Connection Manager IP InSight IPMon exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run AltnetPointsManager c program files altnet points manager points manager exe -s O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run IncrediMail C PROGRA INCRED bin IncMail exe c O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKLM RunOnce Ad-aware quot C Program Files Lavasoft Ad-aware Ad-aware exe quot quot b quot O - Startup RegVac lnk C Program Files RegVac regvac exe O - Startup Update Grokster lnk C Program Files Grokster WiseUpdt exe O - Startup AdsGone lnk C Program Files AdsGone adsgone exe O - Global Startup Internet Answering Machine lnk C Program Files CallWave IAM exe O - Global Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPIC... Read more

https://forums.techguy.org/threads/please-review-hjt-log.223247/
Relevancy 29.67%

Logfile of HijackThis v Scan HT Log review Please saved at PM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SYSTEM STIMON EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES DELL RESOLUTION ASSISTANT COMMON BIN RXMON X EXE C WINDOWS SYSTEM LTMSG EXE C PROGRAM FILES ADAPTEC DIRECTCD DIRECTCD EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM FILES MOTIVE MOTMON EXE C PROGRAM FILES NORTON ANTIVIRUS NAVAPW EXE C PROGRAM FILES DELL RESOLUTION ASSISTANT MOTIVEASSISTANT BIN MAD EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS SYSTEM LEXBCES EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES THE CLEANER TCA EXE C PROGRAM FILES THE CLEANER TCM EXE C WINDOWS SYSTEM RPCSS EXE C P EXE C WINDOWS SYSTEM LEXPPS EXE C VSTASCAN VSACCESS EXE C PROGRAM FILES OLYMPUS CAMEDIA MASTER CM CAMERA EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM MSCONFIG EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C PROGRAM FILES OUTLOOK EXPRESS MSIMN EXE Please review HT Log C WINDOWS SYSTEM PSTORES EXE C WINDOWS TEMP TD DIR HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar about blank R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Default Page URL about blank R - HKCU Software Microsoft Internet Explorer Main Default Search URL about blank R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKLM Software Microsoft Internet Explorer Main Local Page http www virtualrealityz com affid R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www istarthere com R - HKCU Software Microsoft Internet Explorer Main SearchAssistant R - HKCU Software Microsoft Internet Explorer Main CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchAssistant R - HKCU Software Microsoft Internet Explorer CustomizeSearch R - HKLM Software Microsoft Internet Explorer Search Default http www bigsexvideos com s php R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file F - win ini run C WINDOWS SYSTEM SERVICES WMPLAYER EXE O - BHO no name - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - BHO no name - B CA - A - D -A DF- BB - no file O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run WorksFUD C Program Files Microsoft Works wkfud exe O - HKLM Run RxMon C Program Files Dell Resolution Assistant Common bin RxMon x exe O - HKLM Run LTWinModem ltmsg exe O - HKLM Run Adaptec DirectCD C PROGRA ADAPTEC DIRECTCD DIRECTCD EXE O - HKLM Run MotiveMonitor C Program Files Motive motmon exe O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run NAV DefAlert C PROGRA NORTON DEFALERT EXE O - HKLM Run LexStart Lexstart exe O - HKLM Run LexmarkPrinTray PrinTray exe O - HKLM Run madexe C Program Files Dell Resolution Assistant MotiveAssistant bin mad exe O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run tcactive C PROGRAM FILES THE CLEANER tc... Read more

Relevancy 29.67%

Thank Please log <3 my review you for at least looking at this thread For the last week or so I've been having problems with slowness and streaming video sites such as youtube completely freezing up my browser both Firefox AND IE I'm sure I have more problems than that as well So please review this log and tell me what I need to do to fix up my laptop Thank you SO much for your precious time Logfile of Trend Micro HijackThis v Scan Please review my log <3 saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C Program Files Bonjour mDNSResponder Please review my log <3 exe C WINDOWS system DVDRAMSV exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C WINDOWS system svchost exe C Program Files Webroot Spy Sweeper SpySweeper Please review my log <3 exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system RAMASST exe C WINDOWS System svchost exe C Documents and Settings Chinomi Desktop HiJackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Search URL about blank R - HKLM Software Microsoft Internet Explorer Main Search Bar about blank R - HKLM Software Microsoft Internet Explorer Main Search Page about blank R - HKLM Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Main SearchURL about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKCU Software Microsoft Internet Explorer Main Start Page bak about blank R - HKLM Software Microsoft Internet Explorer Main Local Page about blank R - HKLM Software Microsoft Internet Explorer Main Start Page bak prosearching com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www shoptoshiba ca welcome R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - Default URLSearchHook is missing O - Hosts auto search msn es O - Hosts auto search msn com O - Hosts auto search msn es O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - D - FB - - F A- B C C C - C Program Files Windows NT tegojav dll file missing O - BHO - A E-D ED- E C- AF- F AEA D - C Program Files Outlook Express xuracowyn dll file missing O - BHO no name - -D - - EB - A BB D - C WINDOWS system ddaba dll file missing O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - D B - E - EC- - EED D C - C Program Files Windows NT tegojav dll file missing O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO no name - - AD-E -F A -B DECBB C - C WINDOWS system sleepym dll file missing O - BHO no name - B FD - C- - -FD D E - C WINDOWS system jkkll dll file missing O - BHO CDLPObj Object - BE ED -CA - B - CCE- FB E D AA - C WINDOWS DLP dll file missing O - BHO no name - E F E -D E- C A- -AFDD A E - C WINDOWS system awtsqon dll file missing O - HKLM Run ATIPTA - quot C Program Files ATI Technologies ATI Control Panel atiptaxx exe quot O - HKLM Run CeEKEY - quot C Program Files TOSHIBA E-KEY CeEKey exe quot O - HKLM Run Apoint - quot C Program Files Apoint K Apoint exe quot O - HKLM Run Tvs - quot C Program Files Toshiba Tvs TvsTray exe quot O - HKLM Run dla -C WINDOWS system dla tfswctrl exe O - HKLM Run HWSetup - quot C Program Files TOSHIBA TOSHIBA Applet HWSetup ex... Read more

http://www.techsupportforum.com/forums/f284/please-review-my-log-3-a-202251.html
Relevancy 29.67%

I m having lot s of trouble with my computer can someone please look and my HT log to see if they can help Also what is the p exe file Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV HT my Please review log EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SYSTEM STIMON EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES DELL RESOLUTION ASSISTANT COMMON BIN RXMON X EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM LTMSG EXE C PROGRAM FILES ADAPTEC DIRECTCD DIRECTCD EXE C PROGRAM FILES MOTIVE MOTMON EXE C PROGRAM Please review my HT log FILES NORTON ANTIVIRUS NAVAPW EXE C WINDOWS SYSTEM LEXBCES EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES THE CLEANER Please review my HT log TCA EXE C WINDOWS SYSTEM RPCSS EXE C PROGRAM FILES THE CLEANER TCM EXE C WINDOWS LOADQM EXE C PROGRAM FILES MICROSOFT WORKS WKSSB EXE C P EXE C WINDOWS SYSTEM LEXPPS EXE C VSTASCAN VSACCESS EXE C PROGRAM FILES OLYMPUS CAMEDIA MASTER CM CAMERA EXE C PROGRAM FILES COMMON FILES MICROSOFT SHARED WORKS SHARED WKCALREM EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS TEMP TD DIR HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http kov l com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer SearchAssistant O - BHO no name - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run WorksFUD C Program Files Microsoft Works wkfud exe O - HKLM Run RxMon C Program Files Dell Resolution Assistant Common bin RxMon x exe O - HKLM Run LTWinModem ltmsg exe O - HKLM Run Adaptec DirectCD C PROGRA ADAPTEC DIRECTCD DIRECTCD EXE O - HKLM Run MotiveMonitor C Program Files Motive motmon exe O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run NAV DefAlert C PROGRA NORTON DEFALERT EXE O - HKLM Run LexStart Lexstart exe O - HKLM Run LexmarkPrinTray PrinTray exe O - HKLM Run MadExe C PROGRAM FILES DELL RESOLUTION ASSISTANT COMMON BIN LaunchRA exe -boot O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run tcactive C PROGRAM FILES THE CLEANER tca exe O - HKLM Run tcmonitor C PROGRAM FILES THE CLEANER tcm exe O - HKLM Run LoadQM loadqm exe O - HKLM Run Microsoft Works Portfolio C Program Files Microsoft Works WksSb exe AllUsers O - HKLM Run axvhaacv C WINDOWS ecyukfmx exe O - HKLM Run Dsi C WINDOWS SYSTEM DP-K W EXE O - HKLM Run AutoUpdater quot c Program Files AutoUpdate AutoUpdate exe quot O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices SSDPSRV C WINDOWS SYSTEM ssdpsrv exe O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKLM RunServices StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKCU Run XiD quot C PROGRAM FILES INTERNET... Read more

https://forums.techguy.org/threads/please-review-my-ht-log.224201/
Relevancy 29.67%

Logfile of HijackThis v Scan saved at AM on Platform Unknown Windows WinNT MSIE Internet Explorer v Running processes C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows RtHDVCpl exe C Program Files ATI Technologies ATI ACE CLI EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files Grisoft AVG avgcc exe C Program Files iTunes iTunesHelper exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files MSN Messenger msnmsgr exe C Program Files AIM aim exe C Program Files Windows Sidebar sidebar exe C Program Files Skype Phone Skype exe C Program Files Synaptics SynTP SynToshiba exe C Program Files Common Files AOL Loader aolload exe C Program Files Windows Sidebar sidebar exe C Program Files Skype Plugin Manager skypePM exe C Program Files AIM aolsoftware exe C Program Files ATI Technologies ATI ACE CLI exe C Program Files ATI Technologies ATI ACE CLI exe C Program Files HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId Review Please This? R Please Review This? - HKCU Software Microsoft Internet Explorer Main Start Page http runonce msn com v msgrv R Please Review This? - HKLM Software Microsoft Internet Explorer Main Default Page URL http www toshibadirect com dpdstart R - HKLM Please Review This? Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Skype add-on mastermind - BF B-C D - d - A -A F BA C - C Program Files Skype Toolbars Internet Explorer SkypeIEPlugin dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL AOL Toolbar aoltb dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - Toolbar AOL Toolbar - DE C F- - A - B-AA ED D - C Program Files AOL AOL Toolbar aoltb dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE CLIStart exe quot O - HKLM Run RtHDVCpl RtHDVCpl exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run GrooveMonitor quot C Program Files Microsoft Office Office GrooveMonitor exe quot O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run Aim quot C Program Files AIM aim exe quot d locale en-US ee aol imApp O - HKCU Run Sidebar C Program Files Windows Sidebar sidebar exe autoRun O - HKCU Run updateMgr C Program Files Adobe Acrobat Reader AdobeUpdateManager exe AcRdB O - HKCU Run Skype quot C Program Files Skype Phone Skype exe quot nosplash minimized O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra context menu item amp AOL Toolbar Search - c program files aol aol toolbar resources en-US local search html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCE... Read more

Relevancy 29.67%

Please review my HT log review HT Help! Please log When I try to access internet sites I get redirected to a different site or it says that Help! Please review HT log the site is invalid I ran adware spybot and cws shredder with no luck Thanks Logfile of HijackThis v Scan saved at AM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SYSTEM STIMON EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES DELL RESOLUTION ASSISTANT COMMON BIN RXMON X EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM LTMSG EXE C PROGRAM FILES ADAPTEC DIRECTCD DIRECTCD EXE C PROGRAM FILES MOTIVE MOTMON EXE C PROGRAM FILES NORTON ANTIVIRUS NAVAPW EXE C WINDOWS SYSTEM LEXBCES EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES THE CLEANER TCA EXE C PROGRAM FILES THE CLEANER TCM EXE C WINDOWS LOADQM EXE C PROGRAM FILES MICROSOFT WORKS WKSSB EXE C WINDOWS SYSTEM RPCSS EXE C P EXE C VSTASCAN VSACCESS EXE C WINDOWS SYSTEM LEXPPS EXE C PROGRAM FILES OLYMPUS CAMEDIA MASTER CM CAMERA EXE C PROGRAM FILES COMMON FILES MICROSOFT SHARED WORKS SHARED WKCALREM EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS TEMP TD DIR HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http kov l com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer SearchAssistant O - BHO no name - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run WorksFUD C Program Files Microsoft Works wkfud exe O - HKLM Run RxMon C Program Files Dell Resolution Assistant Common bin RxMon x exe O - HKLM Run LTWinModem ltmsg exe O - HKLM Run Adaptec DirectCD C PROGRA ADAPTEC DIRECTCD DIRECTCD EXE O - HKLM Run MotiveMonitor C Program Files Motive motmon exe O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run NAV DefAlert C PROGRA NORTON DEFALERT EXE O - HKLM Run LexStart Lexstart exe O - HKLM Run LexmarkPrinTray PrinTray exe O - HKLM Run MadExe C PROGRAM FILES DELL RESOLUTION ASSISTANT COMMON BIN LaunchRA exe -boot O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run tcactive C PROGRAM FILES THE CLEANER tca exe O - HKLM Run tcmonitor C PROGRAM FILES THE CLEANER tcm exe O - HKLM Run LoadQM loadqm exe O - HKLM Run Microsoft Works Portfolio C Program Files Microsoft Works WksSb exe AllUsers O - HKLM Run axvhaacv C WINDOWS ecyukfmx exe O - HKLM Run Dsi C WINDOWS SYSTEM DP-K W EXE O - HKLM Run AutoUpdater quot c Program Files AutoUpdate AutoUpdate exe quot O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices SSDPSRV C WINDOWS SYSTEM ssdpsrv exe O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKLM RunServices StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKCU Run XiD... Read more

A:Help! Please review HT log

Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://kov4l.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = ,

O4 - HKLM\..\Run: [axvhaacv] C:\WINDOWS\ecyukfmx.exe

O4 - HKLM\..\Run: [Dsi] C:\WINDOWS\SYSTEM\DP-K13W13.EXE

O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe

O4 - HKCU\..\Run: [XiD] "C:\PROGRAM FILES\INTERNET EXPLORER\mmx.exe"

O4 - HKCU\..\Run: [p] c:\p.exe

O16 - DPF: {00000000-8c7d-4ea8-b113-9163c935d38e} -

O16 - DPF: {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} -

Restart to safe mode.

How to start your computer in safe mode

First in safe mode click on My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Show hidden files and folders.
Uncheck the Hide protected operating system files (recommended) option.
Click Apply then OK. Click Yes to confirm.

Now find and delete:

The c:\p.exe file
The c:\Program Files\AutoUpdate folder
The C:\PROGRAM FILES\INTERNET EXPLORER\mmx.exe file
The C:\WINDOWS\ecyukfmx.exe file
The C:\WINDOWS\SYSTEM\DP-K13W13.EXE file

Now go to Control Panel > Internet Options and click on the "Connections" tab. Click on the "LAN Settings" button. Remove the check by "Use a proxy server for your LAN". Click Apply then OK.

Boot back to normal and test your browsing.
 

https://forums.techguy.org/threads/help-please-review-ht-log.225816/
Relevancy 29.67%

Lately I have been noticing my system very slow last week I run ad-aware and avg manually its scheduled every other night or Review Log Please HJT my so anyways its picked up a few things and said it got rid of them But I am still noticing my system is very slow IE is very slow starting up Media Player wont open up I get a encountered error problem with this info about the error EventType InPageError P c c P I did Please Review my HJT Log read one thing saying the newest version of iTunes will do something like this to Media Player I also read something said this could be a error do to some kind of spyware Firefox still seems to be running very smooth once in awhile it seems like the internet is a little slow but thats normal Can someone please look at my hijacklog below Thank you very much Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost Please Review my HJT Log exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C Program Files Bonjour mDNSResponder exe C Program Files Comodo Firewall cmdagent exe H Nero Nero Nero BackItUp NBService exe C Program Files Norton Ghost Agent VProSvc exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Wallpaper Master Wallpaper exe C Program Files Java jre bin jusched exe C WINDOWS StartupMonitor exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Comodo Firewall CPF exe C WINDOWS system rundll exe C WINDOWS SOUNDMAN EXE C Program Files Norton Ghost Agent VProTray exe C Program Files iTunes iTunesHelper exe C PROGRA Grisoft AVG avgcc exe C Program Files PeerGuardian pg exe C WINDOWS system ctfmon exe C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe C Program Files PowerMenu PowerMenu exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files iPod bin iPodService exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Yahoo Widgets YahooWidgetEngine exe C Program Files Pidgin pidgin exe C DOCUME Adam LOCALS Temp pdk-Adam- localsvc exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - Hosts auto search msn com O - Hosts auto search msn es O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Google To... Read more

http://www.techsupportforum.com/forums/f284/please-review-my-hjt-log-236002.html
Relevancy 29.67%

I m cleaning Review This? Please out the PC of a friends mother it was in very sad shape when I first Please Review This? got it I ve done the basics- Adaware AVG Firefox Registry Cleaner Defrag Disk Check and others But now I m going to the Hijackthis as it is still running rather poorly but better than before Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C Program Files Diskeeper Corporation Diskeeper DkService exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS Explorer EXE C PROGRA Grisoft AVG avgcc exe C WINDOWS ALCXMNTR EXE C WINDOWS system ctfmon exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http yahoo sbc com dsl R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus sbcydsl http www yahoo com search ie html R - HKLM Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ie defaults sp sbcydsl http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http yahoo sbc com dsl R - HKCU Software Microsoft Internet Connection Wizard ShellNext http yahoo sbc com dsl O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Common ycomp dll O - BHO no name - E F-C D - D -B D- B D BE B - no file O - BHO no name - -ed - -b e - c b cebd - no file O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - A D- B- EF - D- E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO no name - B BAF-E A - B - B -C A A C - no file O - BHO no name - B C - E- C C-A A- A AC D - no file O - BHO no name - BBD -AF - - - C F DB - no file O - BHO no name - C E BE- A - AB- B - D E b - no file O - BHO no name - CF BFB - ACC- b-B B- B C FF - no file O - BHO no name - D BD AC - AD - F- CD- D E C - no file O - BHO no name - D - - -A F -EEEE FEC A - no file O - BHO no name - D BF CA- BA - - - B d - no file O - BHO no name - DC FBE - - - C - FBC FC - no file O - HKLM Run SiSPower Rundll exe SiSPower dll ModeAgent O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run AlcxMonitor ALCXMNTR EXE O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Global Startup Adobe Gamma Loader exe lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra button Yahoo Login - C- BA - D -BD C- C D - C WINDOWS system shdocvw dll O - Extra Tools menuitem Yahoo Login - C- BA - D -BD C- C D - C WINDOWS system shdocvw dll O - Extra button Messenger - BBE - E - D -AD - D AD - C Program Files Yahoo Messenger yhexbmes dll O - Extra Tools menuitem Yahoo Messenger - BBE - E - D -AD - D AD - C Program Files Yahoo Messenger yhexbmes dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MI OFFICE REFIEBAR DLL O - Extra button Connection Help - E D D B- - a -B F- D D C - C WINDOWS PCHEALTH HELPCTR Vendors CN Hewlett-Packard L Cupertino S Ca C US IEButton support htm O - Extra Tools menuitem Connection Help - E D D B- - a -B F- D D C - C WINDOWS PCHEALTH HELPCTR Vendors CN Hewlett-Packard L Cupertino S Ca C US IEButton support htm O - Extr... Read more

Relevancy 29.67%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C Program Files Common Files AOL Log!! Please Review ACS AOLAcsd exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C WINDOWS eHome ehRecvr exe C WINDOWS Please Review Log!! eHome ehSched exe C Program Files Google Common Google Updater GoogleUpdaterService exe C WINDOWS system drivers KodakCCS exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe C WINDOWS system dllhost exe C WINDOWS SOUNDMAN EXE C Program Please Review Log!! Files Reynolds ERALink ERALink exe C PROGRA Reynolds ERALIN wIntegSm exe C WINDOWS system rundll exe C WINDOWS system rundll exe C Program Files Internet Explorer iexplore exe C WINDOWS system ctfmon exe C Program Files NCC Credit Reports ICredit exe C Program Files Windows Media Player wmplayer exe D My Sam's Club Digital Photo Center exe C WINDOWS explorer exe C WINDOWS system igfxsrvc exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com O - Toolbar DealerTrack Toolbar - A AA -C C - BCF-A F- FDAC EA EB - C Program Files DealerTrack DealerTrack Toolbar DealerTrackToolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKLM Run BM Rundll exe quot C WINDOWS system olhwtpol dll quot s O - HKLM Run b ab rundll exe quot C WINDOWS system kafyetwk dll quot b O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button Click to toggle the DealerTrack Toolbar - A ABCF - C F- e -A C- DC B CC - C Program Files DealerTrack DealerTrack Toolbar DealerTrackToolbar dll O - Extra button no name - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra 'Tools' menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C PROGRA SPYBOT SDHelper dll O - Extra button no name - e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe file missing O - Extra 'Tools' menuitem xpsp res dll - - e e dd -d - - b -f ba - windir Network Diagnostic xpnetdiag exe file missing O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- ... Read more

A:Please Review Log!!

Welcome to TSF.

1. Download combofix at http://www.techsupportforum.com/sect...s/ComboFix.exe or http://download.bleepingcomputer.com/sUBs/ComboFix.exe Save it to your Desktop before you run it.
2. Double-click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply.

Note:
Do not click on combofix's window while it's running. That may cause it to stall.

http://www.techsupportforum.com/forums/f284/please-review-log-250445.html
Relevancy 29.67%

Using a new Dell with XP. Running Viruscan, Adaware and Spybot. Pop ups keep coming, google toolbar disappears/gets replaced, etc. HJT Log attached.
 

Relevancy 29.67%

My buddies laptop I believe has been hijacked by VirusHeal, a missleading hijacker hoping to get you to subscribe to their virus software. It also changes the home page to asafetyhead.com
Please, any help will be greatly appreciated and then I can get back to my family!

A:Please review my log!

Apologies for the delay in responding.

The workload on this forum is intense, and sometimes it is not possible to respond to every inquiry.


Please download SmitfraudFix
Extract the files to the Desktop


Boot to Safe Mode as follows: Restart the computer
After hearing the computer beep once, but before the Windows appears, press F8.
The Windows XP Advanced Options menu appears
Select the option for Safe Mode using the arrow keys.
Open SmitfraudFix Double-click smitfraudfix.cmd
Select Option 2 - Clean by typing 2 and press Enter (Deletes infected files)
You are prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool also checks if a relevant file, wininet.dll, is infected.
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.

~~~~
Restart the computer to complete the removal process.

~~~~
Now, download ComboFix
Save it to the Desktop

Double-click combofix.exe to run the program
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to stall.)

When finished, a log, ComboFix.txt, is produced.

~~~~
Run HijackThis once again to obtain a new log.

~~~~
Please post the SmitFraudFix report located at C:\rapport.txt , the ComboFix.txt, and a new HijackThis log in your reply.

http://www.techsupportforum.com/forums/f284/please-review-my-log-180108.html
Relevancy 29.67%

My sons computer is really messed up will you get me started on clean up I already ran spybot and adaware Thanks Suzan Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE review log HELP!!! HJT for C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES HELP!!! HJT log for review GRISOFT AVG AVGSERV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C MOUSE SYSTEM EM EXEC EXE C PROGRAM FILES COMMON FILES REAL UPDATE OB REALSCHED EXE C PROGRAM FILES GRISOFT AVG AVGCC EXE C WINDOWS SYSTEM P P NETWORKING P P NETWORKING EXE C WINDOWS SNCOXCUIL EXE C PROGRAM FILES AUTOUPDATE AUTOUPDATE EXE C WINDOWS WAST EXE C WINDOWS TEMP WZGYFI EXE C WINDOWS TEMP A BUU EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS TEMP YLYU EXE C WINDOWS SYSTEM IEDRIVER IEDRIVER EXE C PROGRAM FILES COMMON FILES UPDATER WUPDATER EXE C PROGRAM FILES COMMON FILES DPI DPI EXE C WINDOWS APPLICATION DATA SEUR EXE C WINDOWS SYSTEM WNSTSSV EXE C PROGRAM FILES EZULA MMOD EXE C PROGRAM FILES SONY VAIO ACTION SETUP VASERV EXE C PROGRAM FILES MICROSOFT BROADBAND NETWORKING MSBNTRAY EXE C WINDOWS SYSTEM LVFN EXE C WINDOWS SYSTEM SOA P EXE C PROGRAM FILES NETSCAPE COMMUNICATOR PROGRAM AIM AIM EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS SYSTEM TAPISRV EXE C WINDOWS SYSTEM WBEM WINMGMT EXE C WINDOWS DESKTOP DOWNLOADS HIJACKTHIS EXE C WINDOWS DESKTOP DOWNLOADS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http defaultsearching com search html R - HKCU Software Microsoft Internet Explorer Main Search Page http defaultsearching com R - HKCU Software Microsoft Internet Explorer Main Start Page http defaultsearching com R - URLSearchHook IncrediFindBHO Class - D FF - BE- -B C - BB A - C PROGRA INCRED BHO INCFIN DLL O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHELPER DLL O - BHO no name - B B D- B - C - A - F F F F - C WINDOWS PSTFGEBN DLL O - BHO no name - ACB DB- - AF - DF - FFF BCD - C WINDOWS MYGDGD DLL O - BHO no name - B B - - D A- D -D CB DCAE - C WINDOWS EDWR DLL O - BHO no name - CAAADB- C - C- B -B FE DBCA - C WINDOWS OHIP DLL O - BHO no name - C E -DD - A D-ABCD- D D - no file O - BHO NavErrRedir Class - D FF - BE- -B C - BB A - C PROGRA INCRED BHO INCFIN DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run EM EXEC c mouse system em exec exe O - HKLM Run ZTgServerSwitch C Program Files support com client lserver server vbs O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run Online Service C WINDOWS svchost exe O - HKLM Run AVG CC C PROGRA GRISOFT AVG avgcc exe STARTUP O - HKLM Run TrojanScanner C Program Files Trojan Remover Trjscan exe O - HKLM Run P P NETWORKING C WINDOWS SYSTEM P P NETWORKING P P NETWORKING EXE AUTOSTART O - HKLM Run prostus-htm RunDll UDConn dll RunAsIcon prostus O - HKLM Run barcdy C WINDOWS sncoxcuil exe O - HKLM Run AutoUpdater quot c Program Files AutoUpdate AutoUpdate exe quot O - HKLM Run WAST C WINDOWS WAST O - HKLM Run WZGYFI C WINDOWS TEMP WZGYFI EXE O - HKLM Run A BUU C WINDOWS TEMP A BUU EXE O - HKLM Run pivil C WINDOWS pivil exe O - HKLM Run YLYU C WINDOWS TEMP YLYU EXE O - HKLM Run bxxs RunDLL EXE C WINDOWS BXXS DLL DllRun O - HKLM Run ydqdsp C WINDOWS ydqdsp exe O - HKLM Run IEDriver C WINDOWS SYSTEM IEDriver IEDriver exe O - HKLM Run updater C Program Files Common files updater wupdater exe O - HKLM Run Dsi C WINDOWS SYSTEM DP-K W EXE O - HKLM Run JE F WSER Z C WINDOWS SYSTEM Xej exe O - HKLM Run Pcsv C WINDOWS system pcs pcsvc exe O -... Read more

Relevancy 29.67%

Curious about winh and some ATI programs and the two Entries Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM ATI EVAE EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM ATICWD EXE C WINDOWS SYSTEM ATIPTAXX EXE C PROGRAM FILES COMMON FILES KODAK HYDRA DR DCFSSVC EXE C WINDOWS SYSTEM MSTASK EXE C UTILITIES HIJACK THIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet HJT Needs Review Explorer O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run HJT Needs Review ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run SystemTray SysTray Exe O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run AtiCwd Aticwd exe O - HKLM Run Ati cwxx Ati cwxx exe O - HKLM Run AtiGart c Ati Gart AtiGart exe O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run Dcfssvc C Program Files Common Files KODAK HYDRA DR dcfssvc exe --pdr quot C Program Files Common Files KODAK HYDRA DR dcmnter pdr quot O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run CriticalUpdate C WINDOWS SYSTEM wucrtupd exe -startup O - HKLM Run Symantec Core LC C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe start O - HKLM RunServices ATIPOLAB ati evae exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x ansi iuctl CAB O - DPF E C D - A- F-AD F- C C B C ActiveDataObj Class - https www-secure symantec com techsupp activedata ActiveData cab O - DPF CE D D - CF- C D- FE - F A ActiveDataInfo Class - https www-secure symantec com techsupp activedata SymAData dll O - DPF BC F - A - D -BEB - AA B AE Symantec AntiVirus scanner - http security symantec com sscv SharedContent vc bin AvSniff cab O - DPF E F- D - A - DD -E EEEC Symantec RuFSI Utility Class - http security symantec com sscv SharedContent common bin cabsa cab nbsp

A:HJT Needs Review

The ATI items can be looked over here: http://www.answersthatwork.com/Tasklist_pages/tasklist_a.htm

Those O9 items are legitimate ... O9 items are extra buttons on main IE toolbar, or extra items in IE 'Tools' menu
 

https://forums.techguy.org/threads/hjt-needs-review.215725/
Relevancy 29.67%

can someone please review this file and tell me wht to delete thanks chris Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVG avgserv exe C PROGRA McAfee com PERSON MPFSERVICE exe C WINDOWS Explorer EXE C HP KBD KBD EXE C WINDOWS please review this System S please review this tray exe C PROGRA Grisoft AVG avgcc exe C PROGRA McAfee com PERSON MpfTray exe C PROGRA mcafee com agent mcagent exe C WINDOWS SM BG EXE C WINDOWS System P P Networking P P Networking exe C WINDOWS System rundll exe C Program Files Messenger msmsgs exe C PROGRA McAfee com PERSON MpfAgent exe C Program Files Greetings Workshop GWREMIND EXE C WINDOWS system ntvdm exe C Documents and Settings Heather My Documents pc repair chris HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKCU Software Microsoft Internet Explorer SearchURL Default http rd companion yahoo com slv ycheck as http search yahoo com search p s R - URLSearchHook Adult Search - DD BCA -F - D-A E- DA C D DD - C WINDOWS Downloaded Program Files QaBar dll R - URLSearchHook PerfectNavBHO Class - A DC -FC - be- A -E F C C A - C PROGRA PERFEC BHO PERFEC DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO myBar BHO - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - BHO Yahoo Companion BHO - F F -AF - d - - B F E - C Program Files Yahoo Common ycomp dll O - BHO no name - E BD F- B D- E-C FF-FD B A D - C PROGRA COMMON Real Toolbar realbar dll O - BHO NavErrRedir Class - A DC -FC - be- A -E F C C A - C PROGRA PERFEC BHO PERFEC DLL O - BHO no name - FDD B - D - ffb- - B AD ACC - c Program Files Microsoft Money System mnyviewer dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Common ycomp dll O - Toolbar Adult Links - E B - - -BDBE- F BA AB - C WINDOWS Downloaded Program Files QaBar dll O - Toolbar My amp Web Search - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - Toolbar amp SearchBar - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - Toolbar REALBAR - E BD F- B D- E-C FF-FD B A D - C PROGRA COMMON Real Toolbar realbar dll O - HKLM Run BlockTracker c hp bin BlockTracker exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run StorageGuard quot C Program Files VERITAS Software Update Manager sgtray exe quot r O - HKLM Run WCOLOREAL quot C Program Files COMPAQ Coloreal coloreal exe quot O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run PS C WINDOWS system ps exe O - HKLM Run S TRAY S tray exe O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run MPFExe C PROGRA McAfee com PERSON MpfTray exe O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run SM BG C WINDOWS SM BG EXE O - HKLM Run P P Networking C WINDOWS System P P Networking P P Networking exe AUTOSTART O - HKLM Run New net Startup rundll C PROGRA NEWDOT NEWDOT DLL NewDotNetStartup O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Startup Greetings Workshop Reminders lnk C Program Files Greetings Workshop GWREMIND EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS O... Read more

A:please review this

First, remove New.Net via your Add/Remove programs ... if you remove this thing improperly, you will likely lose your Internet connection.

Next, go here for the free Ad-Aware 6 Personal Build 181: http://www.lavasoft.de/support/download/

Launch the program ... on the start-up screen, you will need to first run the Webupdate Feature (globe at the top), or click "check for updates" to get the Reference File up to date.

Please use the Custom Scan with Memory and Both registry scans ON. Also.... make sure that you activate IN-DEPTH scanning before you proceed.

Then see that you have these options checked:
Under Ad-aware 6 Settings, Scanning, Memory & Registry:
"Scan My Hosts File" ...

Under Ad-Aware 6 Settings, Tweaks, Scanning Engine:
"Unload recognized processes during scanning."
Under Ad-Aware 6 Settings, Tweaks, Cleaning Engine:
"Let Windows remove files in use after reboot."

Next ...

Run Ad-Aware 6.
Mark the objects you wish to eliminate for removal. There are many options available with a right-click.
Make a Quarantine only if you do not have the Auto-Quarantine option ON.
Then choose "Next" to remove the chosen objects.
Finally ... Reboot

Please read http://forums.techguy.org/t164245/s.html for further instructions, settings , etc.

After restarting your computer, post a fresh HJT log.
 

https://forums.techguy.org/threads/please-review-this.216964/
Relevancy 29.67%

Intel Core i5-4690K, MSI GeForce GTX 970, Cooler Master Elite 431 Plus (Black) - System Build - PCPartPicker

What do you guys think of it? Is it great or does it need improvements?

A:Review my rig:

Not bad at all, if you have room for a little more money I'd suggest you replace that WD caviar blue with 1TB WD caviar black which has higher cache and would be best for gaming

http://www.eightforums.com/gaming/68657-review-my-rig.html
Relevancy 29.67%

Think I have a Trojan Computer running slow popups galore weird Your help is appreciated GRM Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C PROGRAM FILES GRISOFT AVG AVGSERV EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES email protected email protected C PROGRAM FILES GRISOFT AVG AVGCC EXE C PROGRAM FILES DIGSTREAM DIGSTREAM EXE C Please review my Log HJT PROGRAM FILES COMMON FILES REAL UPDATE OB REALSCHED EXE C WINDOWS Please review my HJT Log SYSTEM DDHELP Please review my HJT Log EXE C WINDOWS APPLICATION DATA BALA EXE C WINDOWS SYSTEM Please review my HJT Log WNSTSSU EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM FILES HIJACK THIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www azcentral com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Cox High Speed Internet R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www azcentral com O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run seticlient C Program Files email protected email protected -min O - HKLM Run Tweak UI RUNDLL EXE TWEAKUI CPL TweakMeUp O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run AVG CC C PROGRAM FILES GRISOFT AVG avgcc exe startup O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run nwiz nwiz exe install O - HKLM Run DIGStream C Program Files DIGStream digstream exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices Avgserv exe C PROGRA GRISOFT AVG Avgserv exe O - HKCU Run Rerr C WINDOWS Application Data bala exe O - Extra context menu item amp Download with amp DAP - C PROGRA DAP dapextie htm O - Plugin for bcf C PROGRA INTERN Plugins NPBelv dll O - DPF C -D D- D - A - C FF BB BrowseFolderPopup Class - http download mcafee com molbin Shared MGBrwFld cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - DPF B -CDD - F - - B ECD CA CA HearMe VoiceCREATOR - http vp hearme com products vp embedded plugins evp cab O - DPF ABE - - -A B -BF E CAAC HearMe Microphone Configuration Wizard - http www hearme com products vp config plugins evpcfg cab O - DPF Talk City EZTalk - http morechat talkcity com java ezmed ezmed cab O - DPF Yahoo Chat - http us chat yimg com us yimg com i chat applet c chat cab O - DPF CA E D - - D -BF E- C D HearMe VCDownload Class - http eudora voicecontact com vc plugins VC Setup cab O - DPF - B- D - EAC- C D CF iPIX ActiveX Control - http www ipix com viewers ipixx cab O - DPF ESPN com NBA GameCast - http scores espn go com java NBAGameCastInstall cab O - DPF ESPN com MLB GameCast - http scores espn go com java MLBGameCastInstall cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF E A - D F- - - D B MSN Chat Control - http fdl msn com public chat msnchat cab O - DPF E F - B - D - - BD D sys Class - http www pcpitstop com pcpitstop PCPitStop CAB O - DPF B EE-B - D - - BD D iCC Class - http www pcpitstop com internet pcpConnCheck cab O - DPF FB -C - D - F- A C F mhLabel Class - http www pcpitstop com mhLbl cab O - DPF FB FE - D B- D- -C BE AFA F DiskHealth Class - http www pcpitstop com pcpitstop diskhealth cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http ... Read more

A:Please review my HJT Log

Hi, Yes
Weird is right; this is the infection, but no registry entry is in the log where it usually appears under the 04 section....

It usually has a Reg entry under HKEY Current User with a random 4-letter file name.

C:\WINDOWS\SYSTEM\WNSTSSU.EXE
And, I think this also should go:

O4 - HKCU\..\Run: [Rerr] C:\WINDOWS\Application Data\bala.exe

Reboot, then find and delete this file:

C:\WINDOWS\APPLICATION DATA\BALA.EXE

If you want to make sure nothing important is deleted, try renaming the file...
Another trick is to check the running tasks ((Hit CTRL+ALT+DEL once, see if bala.exe is in the list and end task it---you should then be able to rename or delete it.
You may need to use Safe Mode, and the file may or may not be there. If it won't be deleted, try renaming the file to bala.old or something. If you know this file belongs to something you do use....leave it alone. I would think a good antivirus scanner would have detected it, but not all work well against trojans, etc.

You should have "Show All Files" turned on in Windows Explorer> View>Folder Options>View again...> that is so you can be sure you are able to see all files / trojans etc like to hide as hidden files....
 

https://forums.techguy.org/threads/please-review-my-hjt-log.217796/
Relevancy 29.67%

could you review please HT log review this this log have run adaware and spybot but whenever I right click on a folder delete or copy windows explorer encounters an error and has to shut down very annoying thanks in advance please review this HT log Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati please review this HT log evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Norton Internet Security Professional Norton AntiVirus navapsvc exe C Program Files Norton Internet Security Professional Norton AntiVirus SAVScan exe C Program Files Common Files Symantec Shared SNDSrvc exe C PROGRA NORTON NORTON SPEEDD NOPDB EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system Ati evxx exe C WINDOWS System MMTray exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Microsoft IntelliPoint point exe C please review this HT log WINDOWS VM STI EXE C Program Files Messenger msmsgs exe C WINDOWS System ctfmon exe C PROGRA INCRED bin ImApp exe C Program Files Shareaza Shareaza exe C Program Files eMuleplus eMule emule exe C Program Files Terrapin FTP ftp exe C WINDOWS explorer exe C Program Files Microsoft Office Office FRONTPG EXE C Program Files Internet Explorer iexplore exe C Zips HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www google co uk O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run MMTray MMTray exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run ElbyCheckElbyCDFL quot C Program Files Elaborate Bytes CloneCD ElbyCheck exe quot L ElbyCDFL O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run URLLSTCK exe C Program Files Norton Internet Security Professional UrlLstCk exe O - HKLM Run Advanced Tools Check C PROGRA NORTON NORTON AdvTools ADVCHK EXE O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run BigDogPath C WINDOWS VM STI EXE ZECA USB Pc Camera O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run IncrediMail C PROGRA INCRED bin IncMail exe c O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run Shareaza quot C Program Files Shareaza Shareaza exe quot -tray O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Add animation to IncrediMail Style Box - C PROGRA INCRED bin resources WebMenuImg htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM ... Read more

A:please review this HT log

Paste it here, and someone will help you ...
 

https://forums.techguy.org/threads/please-review-this-ht-log.217968/
Relevancy 29.67%

I ve run spybot amp ad-aware and removed virii Can anyone find anything else I need to fix Thanks in advance Logfile of HijackThis v Scan saved at AM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS BCMDMMSG EXE C WINDOWS SYSTEM MPREXE EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCEVTMGR EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS Log for review H/T SYSTEM STIMON EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS EXPLORER EXE C WINDOWS H/T Log for review SYSTEM PRINTRAY EXE C WINDOWS SYSTEM SPOOL H/T Log for review EXE C WINDOWS SYSTEM LEXBCES EXE C WINDOWS SYSTEM RPCSS EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCAPP EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS LOADQM EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM FILES COMMON FILES ADAPTEC SHARED CREATECD CREATECD EXE C PROGRAM FILES ROXIO EASY CD CREATOR DIRECTCD DIRECTCD EXE C PROGRAM FILES MSN MESSENGER MSNMSGR EXE C PROGRAM FILES EXIF LAUNCHER QUICKDCF EXE C SIERRA CARDSTUDIO PLNRNOTE EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOTDD EXE C WINDOWS SYSTEM LEXPPS EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS DESKTOP HIJACKTHIS EXE R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run LexmarkPrinTray PrinTray exe O - HKLM Run LexStart Lexstart exe O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run BCMDMMSG BCMDMMSG exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run OEMRUNONCE c windows options cabs oemrun exe O - HKLM Run LoadQM loadqm exe O - HKLM Run CreateCD quot C Program Files Common Files Adaptec Shared CreateCD CreateCD exe quot -r O - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKLM RunServices ccEvtMgr quot C Program Files Common Files Symantec Shared ccEvtMgr exe quot O - HKLM RunServices SSDPSRV C WINDOWS SYSTEM ssdpsrv exe O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKLM RunServices ScriptBlocking quot C Program Files Common Files Symantec Shared Script Blocking SBServ exe quot -reg O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - Startup Exif Launcher lnk C Program Files Exif Launcher QuickDCF exe O - Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Startup Event Planner Reminders Tray Icon lnk C SIERRA CardStudio PLNRnote exe O - Startup hp instant support lnk C Program Files Hewlett-Packard hpis bin matcli exe O - Startup QuickBooks Delivery Agent lnk C Program Files Intuit QuickBooks Pro Components QBAgent qbdagent exe O - Startup hpoddt exe lnk C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - Extra Tools menuitem Sun Java Console HKLM nbsp

Relevancy 29.67%

Can you please review my HT Log I was hit by the W Kwbot F Worm and have run Adaware and Spybot already Thanks Nicola Logfile of log review my Please HT HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C phpdev apache Apache exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Please review my HT log Program Files Norton AntiVirus navapsvc exe C WINDOWS System svchost exe C WINDOWS system fxssvc exe C phpdev apache Apache exe C Program Files McAfee McAfee Firewall CPD EXE C WINDOWS System hkcmd exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files Alcatel SpeedTouch USB Dragdiag exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C Program Files Real RealPlayer RealPlay exe C Program Files McAfee McAfee Shared Components Guardian CMGrdian exe C Program Files Wanadoo NL Mnu IGOMNU EXE C Program Files Microsoft ActiveSync WCESCOMM EXE C Program Files McAfee McAfee Shared Components Instant Updater RuLaunch exe C WINDOWS System ctfmon exe C Program Files McAfee McAfee Firewall CPD EXE C WINDOWS System rundll exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C Program Files Adobe Acrobat Distillr acrotray exe C Palm HOTSYNC EXE C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C Program Files Microsoft Office Office msoffice exe C Program Files Microsoft Office Office OUTLOOK EXE C Program Files Messenger msmsgs exe C Program Files Internet Explorer IEXPLORE EXE C phpdev ApacheMonitor exe C phpdev mysql bin mysqld-nt exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Microsoft Office Office WINWORD EXE C Program Files MSN Messenger msnmsgr exe C WINDOWS msagent AgentSvr exe C Program Files Adobe Photoshop Photoshop exe C Program Files Microsoft Office Office POWERPNT EXE C Program Files Microsoft Office Office EXCEL EXE C Program Files Internet Explorer IEXPLORE EXE C Spyware HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www areaverde nl R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www euro dell com R - HKLM Software Microsoft Internet Explorer Main Start Page http www wanadoo nl R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www wanadoo nl O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO no name - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO NAV Helper - BDF E -B -A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB-- DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Adobe PDF - - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run AdaptecDirectCD C Program Files Roxio Easy CD Creator DirectCD DirectCD exe O - HKLM Run SpeedTouch USB Diagnostics quot C Program Files Alcatel SpeedTouch USB Dragdiag exe quot icon O - HKLM Run Share-to-Web Namespace Daemon C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run McAfee Guardian quot C Program Files McAfee McAfee Shared Components Guardian CMGrdian exe quot SU O - HKCU Run Wanadoo Menu C Program Files Wanadoo NL Mnu IGOMNU EXE S T O - HKCU Run H PC Connection Agent quot C Program Files Microsoft ActiveSync WCESCOMM EXE quot O - HKCU Run McAfee InstantUpdate Monitor quot C Program Files McAfe... Read more

A:Please review my HT log

Please update Hijack This to the latest version which is v1.97.7 and then repost your log in case something shows in the later version that the earlier one didn't pick up.

Config. - misc. tools - check for updates on-line

Cookie
 

https://forums.techguy.org/threads/please-review-my-ht-log.218746/
Relevancy 29.67%

Hi Almost every time I use my computer svchost starts chewing up all my CPU I am trying to figure out what is causing it Any help would be appreciated Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS SYSTEM winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS system ZoneLabs avsys ScanningProcess exe C WINDOWS system ZoneLabs avsys ScanningProcess exe C Program review log my Please HJT Files Zone Labs ZoneAlarm zlclient exe C Program Files Common Files Please review my HJT log Real Update OB realsched exe C Program Files QuickTime qttask exe C WINDOWS system ctfmon exe Please review my HJT log C Program Files Skype Phone Skype exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Common Files Sonic Shared CineTray exe C Program Files Skype Plugin Manager skypePM exe C Program Files ANI ANIWZCS Service ANIWZCSdS exe C WINDOWS system DVDRAMSV exe C Program Files Google Please review my HJT log Common Google Updater GoogleUpdaterService exe C PROGRA PANASO REMOTE kmentsrv exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files CyberLink Shared Files RichVideo exe C WINDOWS system wscntfy exe C WINDOWS System svchost exe C Program Files Internet Explorer iexplore exe C Program Files Microsoft Office OFFICE WINWORD EXE C Program Files Uniblue RegistryBooster RegistryBooster exe C Documents and Settings Kevin Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www cbc ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Skype add-on mastermind - BF B-C D - d - A -A F BA C - C Program Files Skype Toolbars Internet Explorer SkypeIEPlugin dll O - BHO My Global Search Bar BHO - B A - B- - CAD- E - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run ZoneAlarm Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run Skype quot C Program Files Skype Phone Skype exe quot nosplash minimized O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - HKCU Run Uniblue RegistryBooster C Program Files Uniblue RegistryBooster RegistryBooster exe S O - Global Startup Sonic CinePlayer Quick Launch lnk C Program Files Common Files Sonic Shared CineTray exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Skype - BF - - EC - -D B E B - C Program Files Skype Toolbars Internet Explore... Read more

A:Please review my HJT log

Hello and welcome to TSF.

Sorry for the delayed response. I cannot see anything in the log to indicate malware. Maybe something is updating. Do you have any other problems? As it has been a while since you posted, please post a fresh HijackThis log and let's see if anything has changed in the meantime. However, you are using a beta version of HijackThis. Uninstall HijackThis V2.0.0 via Add/Remove Programs in Control Panel and then go to

http://downloads.malwareremoval.com/HJTsetup.exe.

Click on the link and select Save, save it to your desktop and double click HJTsetup.exe.

Open HijackThis and select: Do a system scan and save a log file.

When the scan is finished, Click Edit> Select All> Edit> Copy> and paste its contents here.

http://www.techsupportforum.com/forums/f284/please-review-my-hjt-log-158121.html
Relevancy 29.67%

My Please log review computer is acting up will you please review my log Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe Please review log C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System CTsvcCDA EXE c PROGRA Please review log mcafee com vso mcvsrte exe C Program Please review log Files Common Files Microsoft Shared VS Debug mdm exe C PROGRA McAfee com PERSON MPFSERVICE exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS System MsPMSPSv exe c PROGRA mcafee com vso mcshield exe C WINDOWS Explorer EXE C WINDOWS System ctfmon exe C Program Files Dell Support Alert bin DAMon exe C PROGRA mcafee com agent mcagent exe C Program Files McAfee com MPS mscifapp exe C PROGRA mcafee com vso mcvsshld exe C PROGRA McAfee com PERSON MpfTray exe c progra mcafee com vso mcvsescn exe C WINDOWS System devldr exe C PROGRA McAfee com PERSON MpfAgent exe C Documents and Settings Suzan My Documents Dowloaded free shareware HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http smbusiness dellnet com R - HKLM Software Microsoft Internet Explorer Main Start Page http smbusiness dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper ocx O - BHO no name - B AA -DAF - -BD D- F BCB E - c program files mcafee com mps mcbrhlpr dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run Dell Alert C Program Files Dell Support Alert bin DAMon exe O - HKLM Run MCAgentExe C PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run MPSExe C Program Files McAfee com MPS mscifapp exe embedding O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run MPFExe C PROGRA McAfee com PERSON MpfTray exe O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run RoxioEngineUtility quot C Program Files Common Files Roxio Shared System EngUtil exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF Yahoo Finance MarketTracker - http finance yahoo com jmt mt cab O - DPF BCC -B - - C - D A B C Microsoft Office Template and Media Control - http office microsoft com templates ieawsdc cab O - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http www apple com qtactivex qtplugin cab O - DPF C -D D- D - A - C FF BB BrowseFolderPopup Class - http download mcafee com molbin Shared MGBrwFld cab O - DPF E F - B - D - - BD D PCPitstop Utility - http www pcpitstop com pcpitstop PCPitStop CAB O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF B CD - E - D - - A C Yahoo Audio Conferencing - http us chat yimg com us yimg com i chat applet v yacscom cab O - DPF D - - - - AA B - http download microsoft com download F E F E A - E - E - F F- C wmv VCM CAB O - DPF C C - C - B- -DD A B McAfee com Download Installer Class - http download mcafee com molbin shared mcinsctl en-us mcinsctl cab O - DPF E E -C DE- FF- AE- EE F C CE Office Update Installation Engine - http office microsoft com officeup... Read more

Relevancy 29.67%

please review this HT log have run adawre and spybot but still getting windows explorer has encountered an error whenver I right click on a folder thanks in advance Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system please this HT review log svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Common Files please review this HT log Symantec Shared ccProxy exe C Program Files Norton Internet Security Professional Norton AntiVirus navapsvc please review this HT log exe C Program Files Norton Internet Security Professional Norton AntiVirus SAVScan exe C Program Files Common Files Symantec Shared SNDSrvc exe C PROGRA NORTON NORTON SPEEDD NOPDB please review this HT log EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system Ati evxx exe C WINDOWS System MMTray exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Microsoft IntelliPoint point exe C WINDOWS VM STI EXE C Program Files Messenger msmsgs exe C WINDOWS System ctfmon exe C PROGRA INCRED bin ImApp exe C Program Files Shareaza Shareaza exe C Program Files eMuleplus eMule emule exe C Program Files Terrapin FTP ftp exe C WINDOWS explorer exe C Program Files Microsoft Office Office FRONTPG EXE C Program Files Internet Explorer iexplore exe C Zips HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www google co uk O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Professional Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run MMTray MMTray exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run ElbyCheckElbyCDFL quot C Program Files Elaborate Bytes CloneCD ElbyCheck exe quot L ElbyCDFL O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run URLLSTCK exe C Program Files Norton Internet Security Professional UrlLstCk exe O - HKLM Run Advanced Tools Check C PROGRA NORTON NORTON AdvTools ADVCHK EXE O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint point exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run BigDogPath C WINDOWS VM STI EXE ZECA USB Pc Camera O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run IncrediMail C PROGRA INCRED bin IncMail exe c O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run Shareaza quot C Program Files Shareaza Shareaza exe quot -tray O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Add animation to IncrediMail Style Box - C PROGRA INCRED bin resources WebMenuImg htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - DPF B BCA- F C- CF- - Shockwa... Read more

Relevancy 29.67%

machine is running winxp and i've been having a strange issue where log? new can - my review i'm you my typing and web-browsing etc are iterrupted infrequenty by a short second pause - then my typing i'm new - can you review my log? surfing clicking continues weird a hijackthis log and a i'm new - can you review my log? startuplist log are posted below if i need to provide additional information details please let me know thanks very much in advance Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Eset nod krn exe C WINDOWS system HPZipm exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Java jre bin jusched exe C Program Files Eset nod kui exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files AirPort APDiskAgent exe C WINDOWS system ctfmon exe C Program Files NETGEAR WG v WG v exe C PROGRA Mozilla Firefox firefox exe C Program Files uTorrent utorrent exe C Documents and Settings carl Desktop HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run nod kui quot C Program Files Eset nod kui exe quot WAITSERVICE O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run GrooveMonitor quot C Program Files Microsoft Office Office GrooveMonitor exe quot O - HKLM Run APDiskAgent quot C Program Files AirPort APDiskAgent exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run AdobeUpdater C Program Files Common Files Adobe Updater AdobeUpdater exe O - S- - - Startup Adobe Gamma lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe User 'SYSTEM' O - DEFAULT Startup Adobe Gamma lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe User 'Default user' O - Startup Adobe Gamma lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup NETGEAR WG v Smart Wizard lnk O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Send to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dll O - Extra 'Tools' menuitem S amp end to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dll O - Extra button Bonjour - F DB ... Read more

A:i'm new - can you review my log?

please remove my post above, i was unable to find a link/button to do so...

i did not follow the correct log and posting process...

will repost later, thank you and sorry for the inconvienience...

http://www.techsupportforum.com/forums/f284/im-new-can-you-review-my-log-163635.html
Relevancy 29.67%

I would just like to get an expert's opinion on what should go and what should stay Also try and guess what kind of a computer user I am DDS Ver - - - NTFSx Run by Mr X at on Fri Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - Running Processes C Program Files Faronics Deep Freeze Install C- DF Serv exe C WINDOWS system nvsvc exe C WINDOWS system svchost -k DcomLaunch C WINDOWS system svchost -k rpcss C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k LocalService C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Someone my review DDS please log Files HTV HTV exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS system ctfmon exe C Program Files VisualTaskTips VisualTaskTips exe C WINDOWS mstwain exe C Documents and Settings John Pliskin Start Menu Programs Startup ctfmon exe C WINDOWS system svchost exe -k LocalService C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Java jre bin jqs exe c Program Files Microsoft SQL Server MSSQL MSSQL Binn sqlservr exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files Faronics Deep Freeze Install C- Df FrzState k exe C Program Files CDBurnerXP NMSAccessU exe C WINDOWS system svchost exe -k imgsvc C WINDOWS system Someone please review my DDS log wscntfy exe C WINDOWS System alg exe C PROGRA DAP DAP exe C PROGRA SPEEDB VideoAcceleratorService exe C Program Files SpeedBit Video Accelerator VideoAccelerator exe C WINDOWS system svchost exe -k NetworkService C PROGRA Someone please review my DDS log SPEEDB VideoAcceleratorEngine exe C Program Files Sandboxie SbieSvc exe C Program Files Sandboxie SbieCtrl exe C xampp xampp-control exe C xampp apache bin httpd exe C xampp apache bin httpd exe C Program Files MySQL MySQL Server bin mysqld-nt exe C xampp filezillaftp filezillaserver exe C xampp MercuryMail mercury exe C Program Files MSN Messenger usnsvc exe C WINDOWS Microsoft NET Framework v mscorsvw exe C WINDOWS system msdtc exe C WINDOWS system dllhost exe C WINDOWS system wuauclt exe C Program Files Mozilla Firefox firefox exe C Documents and Settings John Pliskin Desktop Tools putty exe C Program Files Wireshark wireshark exe C Program Files Nmap zenmap exe C Program Files Socketsoft DoS-HTTP DoSHTTP exe C Program Files Microsoft Visual Studio VB VB EXE M Black Project Trojan Droppers BuBind v BuBind exe M Black Project Trojan RATs SubSeven RAT sub exe M Black Project Trojan RATs Turkojan RAT Turkojan Client exe C Documents and Settings John Pliskin Desktop dds scr C WINDOWS system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www turkojan com uSearch Bar hxxp safesearch cyberdefender com smallsearch html uInternet Settings ProxyServer Address Port uInternet Settings ProxyOverride local BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program files common files adobe acrobat activex AcroIEHelperShim dll BHO AskBar BHO f d - - d - c -aa e ed - c program files askbardis bar bin askBar dll BHO AVG Safe Search ca f - f e- b -a e- e e c c - c program files avg avg avgssie dll BHO Java tm Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dll BHO E D - A- EC-A -BA D E E - No File BHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dll BHO DAPIELoader Class ff c cf - b - d -abed- c - c progra dap DAPIEL DLL TB Ask Toolbar d e-fd b- e -b - d b f - c program files askbardis bar bin askBar dll TB A A -BACC- D - - A E E - No File TB A FE-B B - -A DC- CBD C B D - No File uRun MsnMsgr quot c program files msn messenger MsnMsgr Exe quot background uRun DAEMON Tools Lite quot c program files daemon too... Read more

A:Someone please review my DDS log

Hello and welcome to TSF

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear.

Please DO NOT Attach logs to your posts unless you are advised to do so.

========

Your logs suggest the possibility that your computer was attacked by a backdoor trojan. This type of infection allows hackers to remotely control your computer, steal critical system information and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please read this: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

=========

Please post the ark.txt from the GMER scan along with attach.txt from the DDS scan.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

http://www.techsupportforum.com/forums/f284/someone-please-review-my-dds-log-389182.html
Relevancy 29.67%

Hi I followed as many of the instructions as I could find here -DL spybot updated checked all those thingies scanned reboot -DL adaware updated scanned reboot -DL HJT had to find that link here for the MSVBM dll that I saw earlier ran HJT saved log DIDN t FIX ANYTHING and cut and pasting log here for further instructions -I see the above instructions all over the place noticed e-Liam cut and pasting it Is there a full easy to find step by step instruction on here Or does it vary too often with PC and or personal pref s of the helpers I looked through some FAQ s and other places I may have just missed it P -anyhow I love the site So many friends coworkers family have asked me for help most of what I know is from trial and error reading visiting places like this I mostly refer them to you guys and tell them that any weird problem that they have someone else has already had it and a simple search on here and voila ------------ Logfile of HijackThis v Scan saved at PM on Platform Windows Gold Win x MSIE Unable to get Internet Explorer version Running processes C WINDOW SYSTEM KERNEL DLL C WINDOW SYSTEM MSGSRV EXE C WINDOW SYSTEM MPREXE EXE C WINDOW 1st HJT! review! My please log, SYSTEM MSTASK EXE C WINDOW SYSTEM ZONELABS VSMON EXE C PROGRAM FILES NORTON ANTIVIRUS NAVAPW EXE C WINDOW SYSTEM mmtask tsk C WINDOW EXPLORER EXE C My 1st HJT! log, please review! WINDOW SYSTEM RPCSS EXE C WINDOW TASKMON EXE C WINDOW SYSTEM SYSTRAY EXE C PROGRAM FILES AHEAD INCD INCD EXE C PROGRAM FILES ZONE LABS ZONEALARM ZONEALARM EXE C PROGRAM FILES NETSCAPE NETSCP EXE C UNZIPPED HIJACKTHIS HIJACKTHIS EXE N - Netscape user pref quot browser startup homepage quot quot quot C WINDOW Application Data Mozilla My 1st HJT! log, please review! Profiles default e v yhai slt prefs js N - Netscape user pref quot browser search defaultengine quot quot engine C A CPROGRAM FILES CNETSCAPE CNETSCAPE Csearchplugins CSBWeb src quot C WINDOW Application Data Mozilla Profiles default e v yhai slt prefs js O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - Toolbar amp Radio - E - F- D - E- A C - C WINDOW SYSTEM MSDXM OCX O - HKLM Run ScanRegistry C WINDOW scanregw exe autorun O - HKLM Run TaskMonitor C WINDOW taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run Norton Auto-Protect C PROGRA NORTON NAVAPW EXE LOADQUIET O - HKLM Run InCD C Program Files ahead InCD InCD exe O - HKLM Run mdac runonce C WINDOW SYSTEM runonce exe O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices TrueVector C WINDOW SYSTEM ZONELABS VSMON EXE -service O - Global Startup ZoneAlarm lnk C Program Files Zone Labs ZoneAlarm zonealarm exe O - Extra button ICQ Pro HKLM O - Extra Tools menuitem ICQ HKLM O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x ansi iuctl CAB O - DPF D - - - - AA B - http download microsoft com download F E F E A - E - E - F F- C wmv VCM CAB I m a bit embarrassed about the win and my mhz comp but it does come with MMX buahaha and i ve somehow managed never to have reformatted P nbsp

A:My 1st HJT! log, please review!

Well if it runs fine then why be embarressed
You have a clean and tidy log.
 

https://forums.techguy.org/threads/my-1st-hjt-log-please-review.187443/
Relevancy 29.67%

Know very little about this program so i was hoping i could find some help to get rid review HJT of anything useless dangerous on the computer I just received a viru detection from AVG trojan horse- clicker ea the file was 'healed quot and then deleted so hopefully i'm okay but i figure i can't be too safe I would really appreciate it if some took a quick look over my log file thanks in advance Logfile of HijackThis v Scan saved at PM on Platform HJT review Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files Common Files Symantec Shared ccProxy exe C WINDOWS system drivers KodakCCS exe C Program Files Kerio Personal Firewall kpf ss exe C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files Norton Internet Security Norton AntiVirus SAVScan exe C WINDOWS system ScsiAccess EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Kerio Personal Firewall kpf gui exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system hkcmd exe C Program Files Java jre bin jusched exe C Program Files Kerio Personal Firewall kpf gui exe C PROGRA Grisoft AVGFRE avgcc exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Symantec Shared ccApp exe C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Messenger msmsgs exe C Program Files Microsoft AntiSpyware gcasDtServ exe C WINDOWS explorer exe C Program Files TheWeatherNetwork WeatherEye WeatherEye exe C PROGRA Grisoft AVGFRE avgwb dat C Program Files Mozilla Firefox firefox exe C WINDOWS winhlp exe C PROGRA MOZILL THUNDE EXE C DOCUME Owner LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS R - HKLM Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS R - HKCU Software Microsoft Internet Connection Wizard ShellNext http svcs microsoft com svcs mms w ger amp Country R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - BHO no name - FDD B - D - ffb- - B AD ACC - C Program Files Microsoft Money System mnyviewer dll O - Toolbar Easy-WebPrint - C -E D- c -AA D- AC BABA C - C Program Files Canon Easy-WebPrint Toolband dll O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run Microsoft Works Portfolio C Program Files Microsoft Works WksSb exe AllUsers O - HKLM Run MoneyStartUp quot C Program Files Microsoft Money System Activation exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run gcasServ quot C Program Files Microsoft Ant... Read more

A:HJT review

Hi wannbfishin

I notice you have AVG and Norton running. It is not a good idea to run two A/V programs as they can conflict with each other.
Please disable one.

Uninstalling Norton and running AVG will free up a lot of resources and still keep you protected

Your log looks good.

As always, to stay clean.

Make sure to get the latest updates for Windows and Internet Explorer at http://v5.windowsupdate.microsoft.co....aspx?ln=en-us.

To help prevent future spyware installations/infections, please read the Anti-Spyware Tutorial and use the tools provided.

If you are having any other problems feel free to reply

http://www.techsupportforum.com/forums/f100/hjt-review-58198.html
Relevancy 29.67%

Hi I'm at my son in law's and have run adaware and spybot in safe mode A few hundred entries were removed also one of thje entries had to be removed at next boot with spybot S amp D Also have uninstalled a few can someone review this log? tool bars and can someone review this log? search progs I fear there will be more nasties hiding in here Here is the hijack log Thanks for your help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com agent mctskshd exe c PROGRA mcafee com vso mcvsrte exe C PROGRA MCAFEE COM PERSON MPFSERVICE exe C WINDOWS System svchost exe C WINDOWS system BRMFRSMG EXE c PROGRA mcafee com vso mcshield exe C WINDOWS Explorer EXE C WINDOWS System spool drivers w x hpztsb exe C Program Files Java jre bin jusched exe C PROGRA mcafee com vso mcvsshld exe C PROGRA mcafee com agent mcagent exe C PROGRA MCAFEE COM PERSON MPFTRAY EXE C WINDOWS vsnpstd exe c progra mcafee com vso mcvsescn exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files iPod bin iPodService exe C Program Files Musicmatch Musicmatch Jukebox mm tray exe C Program Files Musicmatch Musicmatch Jukebox mmtask exe C WINDOWS system wuauclt exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Common Files Intuit QuickBooks QBUpdate qbupdate exe C Program Files Logitech SetPoint SetPoint exe C Program Files Common Files Logitech KHAL KHALMNPR EXE C PROGRA MCAFEE COM PERSON MPFAGENT EXE C WINDOWS System svchost exe C Documents and Settings Tony Desktop hijack HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Start Page http www stockwatch com swnet util apshot default R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn com SEENUS SAOS FORM TOOLBR R - Default URLSearchHook is missing O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run MPFExe C PROGRA MCAFEE COM PERSON MPFTRAY EXE O - HKLM Run snpstd C WINDOWS vsnpstd exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run MMTray quot C Program Files Musicmatch Musicmatch Jukebox mm tray exe quot O - HKLM Run mmtask quot C Program Files Musicmatch Musicmatch Jukebox mmtask exe quot O - HKCU Run LDM C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - Global Startup QuickBooks Update Agent lnk C Program Files Common Files Intuit QuickBooks QBUpdate qbupdate exe O - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exe O - Global Startup Logitech Desktop Messenger lnk C Program Files Logite... Read more

A:can someone review this log?

Looks like you did a pretty good job....let's give your cleaning some more teeth, and see if anything else is lurking:

Download Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.

---------------------------------------------------------------------------------------------

Download and install CleanUp!
NOTE: Do NOT run this program if you have XP Professional 64 bit edition. If you're unsure please do not run it! Download & run this tool to find out for sure.....http://www.kellys-korner-xp.com/regs...p_whichcpu.exe

---------------------------------------------------------------------------------------------


Run a scan in HijackThis. Check each of the following and hit 'Fix checked' if they still exist (make sure not to miss any):

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZCxdm491YYCA

All O18 entries like this one, EXCEPT the first.

O18 - Protocol: bw+0s - {02C7CF41-895B-4354-98EC-DF2264FAA1C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll


---------------------------------------------------------------------------------------------

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):Empty Recycle Bins
Delete Cookies
Delete Prefetch files (if present)
Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.

It may ask you to log-off/reboot at the end, if it does please do so.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.

---------------------------------------------------------------------------------------------

Run Ewido with it's updated definitions:(...it's important that all windows must be closed) Click Scanner
Click Complete System Scan to begin scanning.
Click OK when prompted to clean files
With the first file it prompts to clean, select the option: "Perform action on all infections"
Choose clean and click OK.
Once finished, click the Save report button & save the report to your desktop

** Ewido scan would require at least an hour.

---------------------------------------------------------------------------------------------

Restart in normal mode.

---------------------------------------------------------------------------------------------

Perform an online scan with Internet Explorer with Panda ActiveScan

Click on the "Free To Use ActiveScan" located on the top right hand corner Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
Enter your e-mail address, country, and state & click Scan Now * The download of the 8 MB Panda's ActiveX control will take place *
Begin the scan by selecting My Computer If it finds any malware, it will offer you a report.
Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
Click on See report then click Save report
*Turn off the real time scanner of... Read more

http://www.techsupportforum.com/forums/f100/can-someone-review-this-log-97156.html
Relevancy 29.67%

Have run Adaware ewido spybot pandascan cws shredder AVG antivirus scan and clean up all in safe mode logs inlcuded review please ewido panda and hijack Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT System svchost exe C WINNT system winlogon exe C WINNT Explorer EXE C Program Files ewido anti-spyware ewido exe C Program Files Grisoft AVG Free avgcc exe C Program Files Internet Explorer iexplore exe C hijack this HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cust ch search html R - HKCU Software Microsoft Internet Explorer Main Start Page http www gateway net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www gateway net R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cust ch search html R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com cust www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant please review http as starware com dp search x w CD pDFRc A R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D please review BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - Toolbar amp Radio - E - F- D - E- A C - C WINNT System msdxm ocx O - HKLM Run GWMDMMSG GWMDMMSG exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run GWMDMpi C WINNT GWMDMpi exe O - HKLM Run IgfxTray C WINNT System igfxtray exe O - HKLM Run HotKeysCmds C WINNT System hkcmd exe O - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run MMTray C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run Wshmznte C Program Files Kumq Wxirez exe O - HKLM Run Media Access C Program Files Media Access MediaAccK exe O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run ewido quot C Program Files ewido anti-spyware ewido exe quot minimized O - HKLM RunOnce DeleteYourSiteBar rundll exe advpack dll DelNodeRunDLL quot C Program Files YourSiteBar ysb dll quot O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run kbdest C WINNT System kbdest exe O - HKCU Run ni quot C Documents and Settings Owner ni exe quot O - HKCU Run kbdhe quot C WINNT System kbdhe exe quot O - HKCU Run xolehlp quot C WINNT System xolehlp exe quot O - HKCU Run adsmsext quot C WINNT System adsmsext exe quot O - HKCU Run capesnpn quot C WINNT System capesnpn exe quot O - HKCU Run licmgr quot C WINNT System licmgr exe quot O - Startup wkcalrem LNK C Program Files Common Files Microsoft Shared Works Shared WkCalRem exe O - Global Startup America Online Tray Icon lnk C Program Files America Online aoltray exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Real com - CD F -D E - d - FE- C F AFE - C WINNT System Shdocvw dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra 'Tools' menuitem Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocB... Read more

A:please review

Hello Sleemie, I noticed that you're still using the somewhat antiquated SP1 XP.
Any reason why you havent upgraded to SP2 since your last cleanup?
Your log is filthy. You should stop visiting dubious sites.


Please read this post completely before begining. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.


* * * * * * ADDITIONAL DOWNLOADS * * * * * * * * * * * * * *


Please download ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1

Download - ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe & save it on desktop. We shall be using it later

'UNPLUG'/DISCONNECT your computer from the Internet when you have finished downloading.
It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.


* * * * * * DISABLING SERVICES * * * * * * * * * * * * * * * * *


Click Start -> Run - type SERVICES.MSC & then click on the OK button Locate the service → dgnet
Double-click on it to open the Properties dialog.
- Change the Startup type to Disabled & then click on the Apply button
- Stop the service by using the Stop button.
Then start HiJackThis & go to Config... → Misc.Tools → Delete an NT service
In the popup box that appears, copy/paste dgnet
Click on the OK button & answer No if prompted to reboot

* * * * * * FIXING ENTRIES WITH HIJACKTHIS * * * * * * * * * *


Do a HijackThis scan & place a check next to these items and select "Fix checked":

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=w... D6pDFRc+64A==
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [Wshmznte] C:\Program Files\Kumq\Wxirez.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\RunOnce: [DeleteYourSiteBar] rundll32.exe advpack.dll,DelNodeRunDLL32 "C:\Program Files\YourSiteBar\ysb.dll"
O4 - HKCU\..\Run: [kbdest] C:\WINNT\System32\kbdest.exe
O4 - HKCU\..\Run: [198_150_ni_3] "C:\Documents and Settings\Owner\198_150_ni_3.exe"
O4 - HKCU\..\Run: [kbdhe] "C:\WINNT\System32\kbdhe.exe"
O4 - HKCU\..\Run: [xolehlp] "C:\WINNT\System32\xolehlp.exe"
O4 - HKCU\..\Run: [adsmsext] "C:\WINNT\System32\adsmsext.exe"
O4 - HKCU\..\Run: [capesnpn] "C:\WINNT\System32\capesnpn.exe"
O4 - HKCU\..\Run: [licmgr10] "C:\WINNT\System32\licmgr10.exe"
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Me.../bridge-c8.cab
O23 - Service: dgnet - Unknown owner - C:\WINNT\System32\dgnet.exe (file missing)


* * * * * * RESTART WINDOWS IN SAFE MODE * * * * * * * * * *


1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the option to run Windows in Safe Mode.


* * * * * * UN-INSTALLING PROGRAMS * * * * * * * * * * * * * *


Go to Start → Control Panel → Add or Remove Programs and uninstall the following programs: BullsEye Network
Internet Optimizer
ISTsvc
Media ... Read more

http://www.techsupportforum.com/forums/f100/please-review-115869.html
Relevancy 29.67%

Hey guys, I work with Adobe and I am looking to get feedback on one of our new services, CS Review. Have any of you guys registered or tried out CS Review?
 

https://forums.techguy.org/threads/cs-review.953113/
Relevancy 29.67%

Problems Lots of pop-ups and it runs and starts-up really slowly Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Soon! Review This Log Please Running processes C WINDOWS System smss exe Please Review This Log Soon! C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com agent mctskshd exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system nvsvc exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe C Program Files Viewpoint Common ViewpointService exe C Please Review This Log Soon! Program Files CyberLink PowerDVD PDVDServ exe C WINDOWS system ctfmon exe C WINDOWS System svchost exe C WINDOWS system RUNDLL EXE C Program Please Review This Log Soon! Files Digital Media Reader readericon G exe C PROGRA mcafee com agent mcagent exe c program files mcafee com vso mcvsshld exe C WINDOWS RTHDCPL EXE c progra mcafee com vso mcvsescn exe C Program Files EPSON Creativity Suite Event Manager EEventManager exe C Program Files QuickTime qttask exe C WINDOWS System spool DRIVERS W X E FATIBVA EXE C Program Files Common Files AOL ee AOLHostManager exe C Program Files Common Files AOL ee AOLServiceHost exe C Program Files Common Files Companion Wizard compwiz exe C Program Files Common Files WinAntiVirus Pro wa pcw exe C Program Files iTunes iTunesHelper exe C Program Files Messenger msmsgs exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files iPod bin iPodService exe c progra mcafee com vso mcvsftsn exe C Program Files LimeWire LimeWire exe C Program Files Google Google Desktop Search GoogleDesktopIndex exe C Program Files Google Google Desktop Search GoogleDesktopDisplay exe C Program Files Google Google Desktop Search GoogleDesktopCrawl exe C Program Files Google Google Desktop Search GoogleDesktopOE exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS explorer exe C WINDOWS system wuauclt exe C Program Files AntiVir PersonalEdition Classic sched exe C Program Files AntiVir PersonalEdition Classic avguard exe C Program Files AntiVir PersonalEdition Classic avgnt exe C HJT HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Start Page http www gateway com g startpage h ys DTP amp M C R - URLSearchHook AOLTBSearch Class - EA - - DB- F -D CA FB C D - C Program Files AOL AOL Toolbar aoltb dll R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO CIEIntegrator Object - ADC-C F- C - B - F E CB - C Program Files WinAntiVirus Pro winavpgi dll file missing O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL AOL Toolbar aoltb dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO DeskalertsBHO - E B B - - b a- EB-F DCE - C Program Files DeskAlerts deskbar dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar AOL Toolbar - DE C F- - A - B-AA ED D - C Program Files AOL AOL Toolbar aoltb dll O - Toolbar no name - DEA -C B - E - - E E A FE - no file O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar no name - - C B- A -B B -A B - no file O - HKLM Run RemoteControl quot C Program Files CyberLink PowerD... Read more

Relevancy 29.67%

Could I get someone to review the Combo Fix Log File attached and comment?
Thanks

A:Log review

Hello and welcome to TSF.

First of all, ComboFix is not a tool which should be used in an unsupervised environment.
Why we don't ask you to run ComboFix from the onset

As stated by the author of ComboFix:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there's any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/log-review-338739.html
Relevancy 29.67%

Hello I just Need please log review This HJ removed CouponPrinter ocx wife says she loaded it from somewhere which seemed to be a Trojan in disguise Win AdwareBHO According to AdAware it was removed successfully however I am a bit concerned about some entries in Need HJ This log review please my HiJack This log especially with missing exe files and the multitude of Unknown Owner entries Issue Why How can are these files Need HJ This log review please missing Is this something to be concerned about I never deleted these files and they do not show up in my trash bin Furthermore it would quot appear quot that McAfee is running just fine it auto-updates no problem and allows me change save settings etc Additionally jsq exe usually shows up in my running processes although I usually end the process b c is seems to slow my computer down plus I do not use java based applications very often But how can the jqs exe be running if the jqs conf is missing O - Service McAfee McShield McShield - Unknown owner - C Program Files McAfee VirusScan Enterprise mcshield exe file missing O - Service McAfee Framework Service McAfeeFramework - Unknown owner - C Program Files McAfee Common Framework FrameworkService exe quot ServiceStart file missing O - Service Java Quick Starter JavaQuickStarterService - Unknown owner - C Program Files Java jre bin jqs exe quot -service -config quot C Program Files Java jre lib deploy jqs jqs conf file missing O - Service Ulead Burning Helper UleadBurningHelper - Unknown owner - C Program Files Common Files Ulead Systems DVD ULCDRSvr exe file missing What's up with the quot Unknown Owner quot entries I seem to have a lot of them How can I or do I need to replace the missing exe files Issue O - Service Lexar JD LxrJD s - Unknown owner - C WINDOWS SYSTEM LxrJD s exe I have always thought this application was related to a Lexar jumpdrive I used to have I no longer have the drive but when I quot fix quot this entry via HJ This it doesn't go away What gives How to get rid of And again listed as an Unknown Owner Issue O - Protocol AutorunsDisabled - no CLSID - no file I noticed I had several AutorunsDisabled no file entries and got rid of them but this one keeps popping back up Is it perhaps related to HJ This or do I need to do something else to get rid of Issue O - Service Softex WinRoute Service WinRServ - Unknown owner - C Program Files Softex winroute WinRServ exe Should I be worried about the quot Unknown Owner quot aspect of this entry I understand the service to be pretty much mandatory for XP yes Normally I can keep my pc up and running pretty well on my own but this last batch of errors and weird HJ entries has me worried Could someone please address the issues above as well as scan through my whole log Any assitance on this matter would be greatly appreciated Thank you in advance thumbsup Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files McAfee VirusScan Enterprise SHSTAT EXE C Program Files McAfee Common Framework UdaterUI exe C WINDOWS system RUNDLL EXE C Program Files McAfee Common Framework McTray exe C Program Files Spyware Doctor v pctsTray exe C Program Files Common Files Real Update OB realsched exe C Program Files Canon MyPrinter BJMyPrt exe C Program Files PC Tools Firewall Plus FirewallGUI exe C WINDOWS system rundll exe C Program Files Java jre bin jusched exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS system ctfmon exe C WINDOWS System svchost exe C ... Read more

A:Need HJ This log review please

Hello tripn4days,

HJT is weak in that area and sometimes cannot enumerate the owner or if the file is there. This is one of the reasons why HijackThis is no longer the preferred initial scanning tool in this forum. Additionally, with today's malware, a more comprehensive set of logs is required to determine the presence of malware.

For a more accurate view for your purposes, download rsit.exe and save it to your desktop.Double click on RSIT.exe to run it.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

http://www.techsupportforum.com/forums/f100/need-hj-this-log-review-please-387366.html
Relevancy 29.67%

Lobos here's the log you asked for I had posted it before the crash don't know if you got to see it It's really long and I'm not sure if this is what you asked for but here it is Having problems with Office XP Pro windows installer Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS acsd exe for Review Log C WINDOWS System CTsvcCDA exe C WINDOWS ehome ehSched exe C Program Files Network Associates Common Framework FrameworkService Log for Review exe C Program Files Network Associates VirusScan mcshield exe C Program Files Network Associates VirusScan vstskmgr exe C Program Files Common Files Microsoft Log for Review Shared VS Debug mdm exe C WINDOWS System nvsvc exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C WINDOWS Explorer EXE C WINDOWS ehome ehtray exe C windows system hpsysdrv exe C Program Files USB Storage RW shwicon exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C HP KBD KBD EXE C WINDOWS System CTHELPER EXE C WINDOWS System spool drivers w x hpztsb exe C Program Files Log for Review MusicMatch MusicMatch Jukebox mmtask exe C Program Files Network Associates VirusScan SHSTAT EXE C Program Files Network Associates Common Framework UpdaterUI exe C Program Files iTunes iTunesHelper exe C Program Files AIM aim exe C WINDOWS ehome ehmsas exe C Program Files iPod bin iPodService exe c Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C WINDOWS System msiexec exe C Program Files HiJackThis HijackThis exe -------------------------------------------------- Listing of startup folders Shell folders Startup C Documents and Settings Administrator Start Menu Programs Startup No files Shell folders AltStartup Folder not found User shell folders Startup Folder not found User shell folders AltStartup Folder not found Shell folders Common Startup C Documents and Settings All Users Start Menu Programs Startup America Online Tray Icon lnk C Program Files America Online aoltray exe Quicken Scheduled Updates lnk C Program Files Quicken bagent exe Shell folders Common AltStartup Folder not found User shell folders Common Startup Folder not found User shell folders Alternate Common Startup Folder not found -------------------------------------------------- Checking Windows NT UserInit HKLM Software Microsoft Windows NT CurrentVersion Winlogon UserInit C WINDOWS system userinit exe HKLM Software Microsoft Windows CurrentVersion Winlogon Registry key not found HKCU Software Microsoft Windows NT CurrentVersion Winlogon Registry value not found HKCU Software Microsoft Windows CurrentVersion Winlogon Registry key not found -------------------------------------------------- Autorun entries from Registry HKLM Software Microsoft Windows CurrentVersion Run ehTray C WINDOWS ehome ehtray exe hpsysdrv c windows system hpsysdrv exe HotKeysCmds C WINDOWS System hkcmd exe KYE Showicon quot C Program Files USB Storage RW shwicon exe quot -t quot KYE USB Storage RW quot Share-to-Web Namespace Daemon c Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe CamMonitor c Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe KBD C HP KBD KBD EXE StorageGuard quot C Program Files VERITAS Software Update Manager sgtray exe quot r AutoTBar C hp bin autotbar exe Recguard C WINDOWS SMINST RECGUARD EXE NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup nwiz nwiz exe install CTHelper CTHELPER EXE Jet Detection quot C Program Files Creative SBAudigy PROGRAM ADGJDet exe quot PS C WINDOWS system ps exe HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe mmtask c Program Files MusicMatch MusicMatch Jukebox mmtask exe ShStatEXE quot C Program Files Network Associates VirusScan SHSTAT EXE quot STANDALONE McAfeeUpdaterUI quot C Program Files Network... Read more

A:Log for Review

End this process see if that helps

msiexec.exe


C:\WINDOWS\System32\msiexec.exe
Windows Installer Component that is used to install new programs that use Windows Installer package files (MSI).

it's the only thing i can see that is trying to install it
it does not need to be running

http://www.techsupportforum.com/forums/f284/log-for-review-9947.html
Relevancy 29.67%

I'm a little concerned that I may have spyware Would someone please look at the following and let me know what if anything needs to be fixed Thanks Joyce Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win review log. hjt Please this x MSIE Internet Explorer Please review this hjt log. v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SOINTGR EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCEVTMGR EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES ESOFT EBOARD EBOARD EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM Please review this hjt log. FILES COMMON FILES SYMANTEC SHARED CCAPP EXE C WINDOWS SYSTEM RADARDESK EXE C PROGRAM FILES KODAK DIGITAL SCIENCE PICTURE EASY SOFTWARE PROGRAM PEZDOWNLOAD EXE C PROGRAM FILES AWS WEATHERBUG WEATHER EXE C PROGRAM FILES REAL REALJUKEBOX TSYSTRAY EXE C PROGRAM FILES MICROSOFT OFFICE OFFICE OSA EXE C PROGRAM FILES SONY CORPORATION IMAGE TRANSFER SONYTRAY EXE C WINDOWS SYSTEM TAPISRV EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM WBEM WINMGMT EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS SYSTEM PSTORES EXE C HURLEY TEMP HIJACKTHIS EXE C WINDOWS WUAUBOOT EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www cincinnatibell com zoomtown R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www e me com start html O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO My Search BHO - DA C - F- a- CD- CFE CFF - C PROGRAM FILES MYSEARCH BAR BIN S BAR DLL O - Toolbar msdxmLC dll - amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar My amp Search Bar - DA C - F- a- CD- CFE CFF - C PROGRAM FILES MYSEARCH BAR BIN S BAR DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run eMachine eBoard C PROGRA ESOFT EBOARD eBoard exe O - HKLM Run SO Integrator Pass Two C WINDOWS SOINTGR EXE O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run radarDesk C WINDOWS SYSTEM radarDesk exe -h O - HKLM Run Picture Easy Download C Program Files Kodak Digital Science Picture Easy Software Program PezDownload exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices SSDPSRV C WINDOWS SYSTEM ssdpsrv exe O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKLM RunServices SO Integrator Pass One C WINDOWS SOINTGR EXE O - HKLM RunServices ccEvtMgr quot C Program Files Common Files Symantec Shared ccEvtMgr exe quot O - HKLM RunServices ScriptBlocking quot C Program Files Common Files Symantec Shared Script Blocking SBServ exe quot -reg O - HKCU Run Weather C PROGRAM FILES AWS WEATHERBUG WEATHER EXE O - HKCU Run RealJukeboxSystray C PROGRAM FILES REAL REALJUKEBOX TSYSTRAY EXE O - Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Startup Office Startup lnk C Program Files Microsoft Office Office OSA EXE O - Startup Image Transfer lnk C Program Files Sony Corporation Image Transfer SonyTray exe O - Startup Microsoft Find Fast lnk C Program Files Microsoft Office Office FINDFAST EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Related HKLM O... Read more

A:Please review this hjt log.

Welcome to TSF.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Desktop or Temp folder. This is required because HijackThis will create backups.

Go to the bottom of this message to get the latest version of HijackThis. If the site is down, you can also get it here.

Please print out or copy this page to Notepad. You should not have any open browsers when you are following the procedures below.

Make sure to update Windows and Internet Explorer at http://windowsupdate.microsoft.com. If you don't have a fast internet connection, you can get the security update CD from Microsoft for free. I suggest upgrading to Internet Explorer 6.0

Go to Start->Settings->Control Panel and double-click on the System icon. On the Performance tab click File System. Click the Troubleshooting tab, and then check Disable System Restore. Click OK. Click Yes, when you are prompted to restart Windows. When we have confirmed that your log file is clean, you may enable System Restore again by following the same steps as above except you should uncheck Disable System Restore.

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible also.

Reboot into Safe Mode (hit F8 key until menu shows up).

Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed:

C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE

Uninstall the following via the Add/Remove Panel if they exist:

MySearch
WeatherBug ? if you didn?t install this yourself, uninstall it. Otherwise, you may ignore all the fixes and detetions related to it.

Make sure to close any open browsers you have. Check and fix the following in HijackThis (make sure not to miss any):

O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\PROGRAM FILES\MYSEARCH\BAR\1.BIN\S4BAR.DLL
O3 - Toolbar: My &Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\PROGRAM FILES\MYSEARCH\BAR\1.BIN\S4BAR.DLL
O4 - HKCU\..\Run: [Weather] C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1
O9 - Extra button: WeatherBug (HKCU)
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/mini...ransporter.cab?
O16 - DPF: {E9F4DF12-E82E-4177-8B82-ED7355ED4362} (DownloadX Control) - http://j.cdrdev.com/wkrc/downloadX.ocx

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\PROGRAM FILES\MYSEARCH\
C:\PROGRAM FILES\AWS\ - only delete this folder if you uninstalled WeatherBug

Reboot into Normal Mode and post a new HijackThis log file so we can make sure it's clean.

http://www.techsupportforum.com/forums/f284/please-review-this-hjt-log-13241.html
Relevancy 29.67%

please take a look if you can been being plagued with adware spyware pretty sure there is something hiding bringing things back after i remove it anyway here is the log Logfile of LOG My review? for HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss My LOG for review? exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS System DRIVERS CDANTSRV EXE C Program Files Eset nod krn exe C WINDOWS System nvsvc exe C WINDOWS System Tablet exe My LOG for review? C Program My LOG for review? Files NVIDIA Corporation NvMixer NvMixerTray exe C PROGRA Cacheman Cacheman exe C PROGRA Panicware Pop-Up Stopper Free Edition PSFree exe C WINDOWS system Wtablet TabUserW exe C Program Files Internet Explorer iexplore exe C Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http www begin search com googlesidesearch html R - URLSearchHook no name - EC D D- C - C D-BC -C D DA - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO ohb - D F F- AC - AB- B - C - C WINDOWS System adpop dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run NvMixerTray C Program Files NVIDIA Corporation NvMixer NvMixerTray exe O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS System NvMcTray dll NvTaskbarInit O - HKLM Run NeroCheck C WINDOWS System NeroCheck exe O - HKCU Run Cacheman C PROGRA Cacheman Cacheman exe O - HKCU Run PopUpStopperFreeEdition quot C PROGRA Panicware Pop-Up Stopper Free Edition PSFree exe quot O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup TabUserW exe lnk C WINDOWS system Wtablet TabUserW exe O - Extra button ICQ Pro - f -cba - -b - cb cd - C PROGRA ICQ ICQ exe O - Extra 'Tools' menuitem ICQ - f -cba - -b - cb cd - C PROGRA ICQ ICQ exe O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF F F -B C- - AA -A F A Launcher Control - https horizons istaria com controls launcher ocx O - DPF B F-D BF- -B -FDC F F E B FilePlanet Download Control Class - http www fileplanet com fpdlmgr ca C cab O - DPF DDE -E - D -A - - http www xblock com download xclean micro exe O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft co O - HKLM System CCS Services Tcpip EF -B - -A F- B BF F B NameServer O - HKLM System CS Services Tcpip EF -B - -A F- B BF F B NameServer O - HKLM System CS Services Tcpip EF -B - -A F- B BF F B NameServer

A:My LOG for review?

anyone help? not sure what to remove exactly.

http://www.techsupportforum.com/forums/f284/my-log-for-review-15644.html
Relevancy 29.67%

I am having problems with HTJ Log, My review please my outlook express I did a trendco virus scan and nothing showed up I am attaching my log to see if you'll can find something out of the ordinary Logfile of HijackThis v Scan My HTJ Log, please review saved at AM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM My HTJ Log, please review mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS PSSVC EXE C WINDOWS SYSTEM MSTASK EXE C DMI BIN WIN SL EXE C PROGRAM FILES My HTJ Log, please review COMPUTERASSOCIATES ANTIVIRUS INOTASK EXE C PROGRAM FILES COMPUTERASSOCIATES ANTIVIRUS INORT X EXE C PROGRAM FILES COMPUTERASSOCIATES ANTIVIRUS INORPC EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RPCSS EXE C INSIGHT TOOLS AICLIENT EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES MS HARDWARE POINT EXE C WINDOWS LOADQM EXE C WINDOWS SYSTEM MSWHEEL EXE C WINDOWS SYSTEM SPOOL EXE C DMI BIN DELLDMI EXE C DMI BIN MONITOR EXE C DMI BIN NIC EXE C DMI BIN COO EXE C DMI BIN DNAR EXE C DMI BIN NODEMNGR EXE C WINDOWS SYSTEM PSTORES EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C MARVIN'S HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com F - win ini load C INSIGHT TOOLS AICLIENT EXE O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO MESSENGER YCOMP DLL O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO MESSENGER YCOMP DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run ScanRegistry c windows scanregw exe autorun O - HKLM Run TaskMonitor c windows taskmon exe O - HKLM Run Disknag C DELL DISKNAG EXE O - HKLM Run SystemTray SysTray Exe O - HKLM Run POINTER C PROGRA MSHARD point exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run LoadQM loadqm exe O - HKLM Run Realtime Monitor quot C Program Files ComputerAssociates AntiVirus realmon exe quot O - HKLM Run SetDefPrt C Program Files Brother BRMFLPRO SetDefPrt exe O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM RunServices AutoShutdown C WINDOWS pssvc exe O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices DMILDR C DMI bin dmildr exe O - HKLM RunServices Win SL C DMI BIN Win sl EXE -i -p -r O - HKLM RunServices InoTask C Program Files ComputerAssociates AntiVirus InoTask exe O - HKLM RunServices InoRT C Program Files ComputerAssociates AntiVirus InoRT x exe O - HKLM RunServices InoRPC C Program Files ComputerAssociates AntiVirus InoRpc exe O - HKCU Run Taskbar Display Controls RunDLL deskcp dll QUICKRES RUNDLLENTRY O - Extra button Yahoo Messenger - E D C E- B F- D -B C - C C - C PROGRAM FILES YAHOO MESSENGER YPAGER EXE O - Extra 'Tools' menuitem Yahoo Messenger - E D C E- B F- D -B C - C C - C PROGRAM FILES YAHOO MESSENGER YPAGER EXE O - Extra button no name - B E C - FCB- CF-AAA - C - no file O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - no file O - DPF EF BD -C FB- D - F- D F Yahoo Companion - http us dl yimg com download yaho bio cab O - DPF Yahoo Chat - http us chat yimg com us yimg com c chat cab O - DPF Yahoo MahJong - http download games yahoo com game ts y ot x cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF BC F - A - D -BEB - AA B AE Symantec AntiVirus scanner - http security symantec com sscv S in AvSniff cab O - DPF E F- D - A - DD -E EEEC Symantec RuFSI Utility Class - http security symantec com sscv S bin cabsa cab O - DPF AE C E - - D - B F- C F EF HeartbeatCtl Class - http fdl msn com zone datafiles heartbeat cab O - DPF E D D -A - - FAD- E C HeartbeatCtl Class - http fdl msn com zone da... Read more

A:My HTJ Log, please review

Nothing significant in the log. What kinds of problems are you having with OE?

If you have just recently cleaned up a major infection, this can sometimes corrupt OE, requiring you to download it, again. If you decide to dothat, you can download right over the top of your current installation.

Better, probably, to tell us about your problems and let us mull it over.

http://www.techsupportforum.com/forums/f284/my-htj-log-please-review-16682.html
Relevancy 29.67%

I have been unable to remove some type of active search adware adtomi file I ran adware SE online virus scanner and spybot Different files were removed with each program Following is the hjt log from the analyzer Is my PC now clean Thank you in advance for your help Log was analyzed using KRC HijackThis Analyzer - Updated log review hjt on Get updates at http www greyknight com download htm programs Security Programs Detected c PROGRA mcafee com vso mcvsrte exe C PROGRA mcafee com vso mcvsshld exe C PROGRA mcafee com agent mcagent exe c progra mcafee com review hjt log vso mcvsescn exe c PROGRA mcafee com vso mcshield exe c progra mcafee com vso mcvsftsn exe O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online review hjt log quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent mcupdate exe O - Service McAfee com McShield McShield - Unknown owner - c PROGRA mcafee com vso mcshield exe O - Service McAfee SecurityCenter Update Manager mcupdmgr exe - Networks Associates Technology Inc - C PROGRA McAfee com Agent mcupdmgr exe O - Service McAfee com VirusScan Online Realtime Engine MCVSRte - Networks Associates Technology Inc - c PROGRA mcafee com vso mcvsrte exe O - Service SymWMI Service SymWSC - Symantec Corporation - C Program Files Common Files Symantec Shared Security Center SymWSC exe Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C Program Files Microsoft SQL Server MSSQL MICROSOFTBCM Binn sqlservr exe C Program Files Webroot Spy Sweeper WRSSSDK exe C Program Files Dell Support DSAgnt exe C PROGRA COMMON AOL EE AOLHOS EXE C PROGRA COMMON AOL EE AOLServiceHost exe C Program Files America Online a waol exe C Program Files America Online a shellmon exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www sptimes com O - BHO no name - A D - BAA- -A -D CA CF A - C WINDOWS system l dll file missing O - HKLM Run HostManager C Program Files Common Files AOL EE AOLHostManager exe O - HKCU Run AOL Fast Start quot C Program Files America Online a AOL EXE quot -b O - HKCU Run DellSupport quot C Program Files Dell Support DSAgnt exe quot startup O - DPF F F -B B - CF- - A EE Citrix ICA Client - http ra com wfica cab O - DPF ED DDF - - BBE- - A EDB D A McAfee com Operating System Class - http download av aol com molbin sh mcinsctl cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandasoftware com activescan as asinst cab O - DPF BCC FF - D - -A E-C E ADA DwnldGroupMgr Class - http download av aol com molbin sh mcgdmgr cab O - DPF CE D D - CF- C D- FE - F A ActiveDataInfo Class - http www symantec com techsupp act a SymAData cab O - DPF E C D - A- F-AD F- C C B C ActiveDataObj Class - http www symantec com techsupp act ActiveData cab O - Service AOL Connectivity Service AOL ACS - America Online - C Program Files Common Files AOL ACS AOLAcsd exe O - Service AOL TopSpeed Monitor AOL TopSpeedMonitor - America Online Inc - C Program Files Common Files AOL TopSpeed aoltsmon exe O - Service Webroot Spy Sweeper Engine svcWRSSSDK - Webroot Software Inc - C Program Files Webroot Spy Sweeper WRSSSDK exe O - Service WAN Miniport ATW Service WANMiniportService - America Online Inc - C WINDOWS wanmpsvc exe End of KRC HijackThis Analyzer Log

A:review hjt log

Hi and Welcome to TSF!

Here's what you can do....

Your operating system is outdated. This leaves you vulnerable to many infections that otherwise can be prevented on a properly updated system. I strongly recommend that you go to the Windows Update site and install all available Critical Updates. This will patch your system with the most current security fixes and plug all the known holes which your present system has open.


Enable the viewing of Hidden files

Windows XP/2000

Go to 'My Computer' > Tools > Folder Options > View tab & ensure that the following are enabled;
Show hidden files and folders.
Display the contents of system folders
Uncheck the Hide protected operating system files option.

~~~~~~~~~~~~~~~

Some Anti-Spyware Programmes are known to intefere with HJT fixes. If you have these programmes, please disable them by doing so ...

Search & Destroy Spybot's TeaTimerGo to Tools>Resident
uncheck TeaTimer.

Microsoft AntiSpyware Click on Options>Settings.
In the left pane, click on Real-time Protection.
Under Startup Options, uncheck Enable the Microsoft AntiSpyware Security Agents on startup.
Under Real-time spyware threat protection, uncheck Enable real-time spyware threat protection.
After you uncheck these, click on the Save button and close Microsoft AntiSpyware.
Right click on the Microsoft AntiSpyware icon on the taskbar and select Shutdown Microsoft AntiSpyware.

Webroot SpySweeperGo to the Options>Program Options.
Uncheck Load at Windows Startup.
Click Shields and uncheck all items there.
Uncheck Home page shield.
Uncheck Automaticly restore default without notifiction.

~~~~~~~~~~~~~~~

Download & install CleanUp!. We'll run it later

~~~~~~~~~~~~~~~

Close all other windows & Run HiJackThis and click "Scan", then check(tick) the following, if present:


O2 - BHO: (no name) - {4A25D449-2BAA-4426-A992-D18CA70CF5A9} - C:\WINDOWS\system32\60l.dll (file missing)


Click "Fix checked" for HJT to fix them


~~~~~~~~~~~~~~~

Locate and delete the following item(s), if present. Make sure you're able to view system and hidden files/ folders:

files...

C:\WINDOWS\system32\60l.dll


~~~~~~~~~~~~~~~

Run CleanUp!...Click 'Yes' when asked to logoff.

Reboot your computer & then use Internet Explorer to browse a few sites.

Run a new HijackThis scan. Save the log file and run KRC HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in your next reply.

Tell me how your computer behaves now..

http://www.techsupportforum.com/forums/f100/review-hjt-log-57925.html
Relevancy 29.67%

hi guys i'd like some help checking if this log is clean i dun have particular problems with this machine but appreciate if you could take a look just to be sure Thanks Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgcc exe C PROGRA Grisoft AVGFRE avgemc exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run AVG EMC C PROGRA Grisoft AVGFRE avgemc exe O - Service AVG review Please Alert Manager Server Avg Alrt - GRISOFT s r o - C PROGRA Please review Grisoft AVGFRE avgamsvr exe O - Service AVG Update Service Avg UpdSvc - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgupsvc exe Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C PROGRA MUSICM MUSICM MMDiag exe O - HKLM Run MimBoot C PROGRA MUSICM MUSICM mimboot exe O - HKCU Run SoniqueQuickStart C Program Files Sonique sqstart exe -nostick O - Global Startup AutoCAD LT Startup Accelerator lnk C Program Files Common Files Autodesk Shared Please review acstart exe O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft co O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - Service Autodesk Licensing Service - Autodesk Inc - C Program Files Common Files Autodesk Shared Service AdskScSrv exe End of KRC HijackThis Analyzer Log

A:Please review

Hello and welcome to TSF

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when a reply has been made.

Please be patient with me during this time

http://www.techsupportforum.com/forums/f100/please-review-48578.html
Relevancy 29.67%

So I just installed a few days back and my CPU Usage is unusually high was around on xp with nothing really running is around or so now Just trying to Please Log HJT Review figure out what may be causing the issue Thanks for taking your time to look over Please Review HJT Log it Intel Core Duo E GB Ram Windows Bit Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Unknown Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Users Jed Dolbeer Desktop My Stuff Stardock ObjectDock ObjectDock exe C Program Files x Common Files Pure Networks Shared Platform nmctxth exe C Program Files x Java jre bin jusched exe C Program Files x iTunes iTunesHelper exe C Program Files x Lavasoft Ad-Aware Ad-Aware exe C Program Files x Lavasoft Ad-Aware AAWTray exe C Program Files x Mozilla Firefox firefox exe C PROGRA Java jre bin jp launcher exe C Program Files x Java jre bin java exe C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files x Microsoft Office Office GrooveShellExtensions dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User LOCAL SERVICE O - HKUS S- - - RunOnce mctadmin C Windows System mctadmin exe User LOCAL SERVICE O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User NETWORK SERVICE O - HKUS S- - - RunOnce mctadmin C Windows System mctadmin exe User NETWORK SERVICE O - Startup Stardock ObjectDock lnk Jed Dolbeer Desktop My Stuff Stardock ObjectDock ObjectDock exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Send to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dll O - Extra Tools menuitem S amp end to OneNote - A- - f c- - EE C C - C PROGRA MICROS Office ONBttnIE dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS Office REFIEBAR DLL O - Gopher Prefix O - Protocol grooveLocalGWS - FED C-F CA- -A - CB B CD - C Program Files x Microsoft Office Office GrooveSystemServices dll O - Service SystemRoot system Alg exe - ALG - Unknown owner - C Windows System alg exe file missing O - Service Apple Mobile Device - Apple Inc - C Program Files x Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe O - Service Bonjour Service - Apple Inc - C Program Files x Bonjour mDNSResponder exe O - Service SystemRoot system efssvc dll - EFS - Unknown owner - C Windows System lsass exe file missing O - Service systemroot system fxsresm dll - Fax - Unknown owner - C Windows system fxssvc exe file missing O - Service iPod Service - Apple Inc - C Program Files iPod bin iPodService exe O - Service keyiso dll - KeyIso - Unknown owner - C Windows system lsass exe file missing O - Service Lavasoft Ad-Aware Service - Lavasoft - C Program Files x Lavasoft Ad-Aware AAWService exe O - Service comres dll - MSDTC - Unknown owner - C Windows... Read more

https://forums.techguy.org/threads/please-review-hjt-log.873703/
Relevancy 29.67%

I am having debilitating problems with my computer effecting my work day AUTOCAD takes - min to open OUTLOOK takes - review Please log hjt min to open and crashes my computer once per day FIREFOX runs slow and freezes periodically I HAVE DELL M WIN XP PRO G RAM DUAL CORE INTEL HERE IS LOG Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot Please review hjt log mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system Please review hjt log services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files AskBarDis bar bin AskService exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system cisvc exe C Program Files Wave Systems Corp Common DataServer exe C WINDOWS system inetsrv inetinfo exe C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C PROGRA AVG AVG avgrsx exe C WINDOWS System svchost exe C Program Files Dell QuickSet NICCONFIGSVC exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe C WINDOWS System snmp exe C WINDOWS system svchost exe C Program Files NTRU Cryptosystems NTRU Hybrid TSS v bin tcsd win exe C WINDOWS system fxssvc exe C WINDOWS system ctfmon exe C WINDOWS system mqsvc exe C WINDOWS system SearchIndexer exe C WINDOWS system rundll exe C WINDOWS system WLTRAY exe C WINDOWS stsystra exe C Program Files Wave Systems Corp Services Manager DocMgr bin docmgr exe C Program Files Adobe Photoshop Elements apdproxy exe C Program Files Common Files InstallShield UpdateService ISUSPM exe C Program Files Microsoft Office Office GrooveMonitor exe C PROGRA AVG AVG avgtray exe C WINDOWS system mqtgsvc exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Java jre bin jusched exe C WINDOWS system rundll exe C Program Files Microsoft ActiveSync wcescomm exe C Program Files Spybot - Search amp Destroy TeaTimer exe C PROGRA MICROS rapimgr exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files Memeo AutoBackup MemeoBackup exe C Program Files Memeo AutoSync MemeoAutoSync exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS system cidaemon exe C WINDOWS system cidaemon exe C Program Files Windows Media Player wmplayer exe C Program Files Microsoft Office Office OUTLOOK EXE C Program Files AVG AVG avgcsrvx exe C PROGRA AVG AVG avgnsx exe C Program Files Microsoft Office Office WINWORD EXE C Program Files AVG AVG avgcsrvx exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www yahoo com fr fp-yie R - HKCU Software Microsoft Internet Explorer Main Start Page http www goal com en R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main SearchAssistant http www crawler com search ie aspx tb id R - HKLM Software Microsoft Internet Explorer Main CustomizeSearch http dnl crawler com support sa customize aspx TbId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http dnl crawler com support sa customize aspx TbId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us R -... Read more

https://forums.techguy.org/threads/please-review-hjt-log.866702/
Relevancy 29.67%

This puppy is slowing down and driving me crazy Windows XP Pro service pak I defrag malware scan etc daily Please review my HJ log as a starting place Thank you Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system brsvc a exe C WINDOWS system brss a exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C PROGRA AVG AVG avgfws exe C Program Files Bonjour mDNSResponder exe C WINDOWS system svchost exe C Program Files Common Files LightScribe LSSrvc exe C Nexon Mabinogi npkcmsvc exe C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C PROGRA AVG AVG avgam exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgnsx exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files HP HP Software Update HPWuSchd exe C PROGRA AVG AVG avgtray exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files ScanSoft PaperPort pptd nt exe C WINDOWS system wuauclt exe C Program Files iTunes iTunesHelper exe C PROGRA Nero data xtras mssysmgr exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Media Player WMPNSCFG exe C Program Files Adobe Acrobat Reader reader sl exe C Program Files Olympus DeviceDetector DevDtct exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe C Program Files Logitech SetPoint SetPoint exe C WINDOWS VPro exe C Program please log review my HJ Files Common Files Logishrd KHAL KHALMNPR EXE C WINDOWS System svchost exe C WINDOWS system wscntfy exe C Program Files iPod bin please review my HJ log iPodService exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Window Title Praise the Lord R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dll O - BHO StumbleUpon Launcher - B F -A B- b -BBAC- EBEBBB - C Program Files StumbleUpon StumbleUponIEBar dll O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files Microsoft Search Enhancement Pack Search Helper SEPsearchhelperie dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - C Program Files Google Google Toolbar Component fastsearch A FB BD dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO W... Read more

A:please review my HJ log

an added note:
I have been actively trying to speed up my computer. Things seems to be getting worse.
for example :Searching the Internet - if I have trouble getting into a site, I can run my ccleaner and then immediately get in...Just random stuff like that.
Also, I tried using autoruns and then reviewing a database to remove programs at startup. Did NOT remove any because it was so confusing to me. Is there a better way?
I am getting increasingly frustrated and it might just drive me to drink :-(

I am only avail to work on fixing this during the day ~ 8:00 to 4:00 (except now, because I am so aaarrrggg!)
 

https://forums.techguy.org/threads/please-review-my-hj-log.849766/
Relevancy 29.67%

Greetings all please? log HJT review It s been a while since I ve posted here after being a regular for some time a few years ago Thanks to much of the knowledge I gleaned from my visits to this site I ve been able to pretty much keep my HJT log review please? home PC s safe and sound for quite some time As a favor I volunteered to take a look at my sister-in-law s laptop HJT log review please? once it started flashing warnings and acting crazy Needless to say she let her A V expire a long time ago and of course knows absolutely nothing about spyware adware malware Add to it that she likes to frequent LimeWire and Aries and well you can guess what her machine looked like when I got it So anyway after installing AVG vers SUPERAntiSpyware Malwarebyte s Anti-Malware vers and Ad-Aware anniversary edition and running several scans over multiple days and fixing countless issues I think I ve got just about everything cleaned up I actually had to follow manual instructions for removal of Spyware Protect first as that was the first issue and I couldn t get anything installed and or updated until that bugger was gone first I was wondering if any kind soul would mind reviewing the most recent HJT log and let me know if there s anything else I may have missed or anything else that looks out of the ordinary Thank you in advance for your assistance Here s the log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C PROGRA AVG AVG avgwdsvc exe C Program Files Cisco Systems VPN Client cvpnd exe C WINDOWS system svchost exe C PROGRA AVG AVG avgemc exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgnsx exe C Program Files AVG AVG avgcsrvx exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS Explorer EXE C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files HPQ Quick Launch Buttons EabServr exe C WINDOWS system spool drivers w x hpztsb exe C Program Files Common Files InterVideo SchSvr SchSvr exe C Program Files InterVideo Common Bin WinRemote exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files iTunes iTunesHelper exe C WINDOWS System svchost exe C Program Files HP hpcoretech hpcmpmgr exe C Program Files iPod bin iPodService exe C WINDOWS system hphmon exe C Program Files Java jre bin jusched exe C PROGRA AVG AVG avgtray exe C WINDOWS system ctfmon exe C WINDOWS System spool DRIVERS W X E FATICDA EXE C WINDOWS system HPZipm exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO AVG Security Toolbar - A A -BACC- D - - A E E - C PROGRA AVG AVG AVGTOO DLL O - Toolbar AVG Security Toolbar - A A -BACC- D - - A E E -... Read more

https://forums.techguy.org/threads/hjt-log-review-please.799436/
Relevancy 29.67%

i m borrowing my friends laptop and it was in really bad shape he told me he could barely even use it anymore cause it had a virus i ran adaware Ccleaner and deleted please log HJT review a couple things from my first hijack this scan i also deleted some things from his startup menu i think i got rid of the major problem but maybe you guys HJT log please review can tell me if i need to do something else Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common Files Symantec Shared AppCore AppSvc exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS system ezSP Px exe C Program Files Apoint K Apoint exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system ctfmon exe C Program Files Apoint K Apntex exe C WINDOWS system bmwebcfg exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS System alg exe C Program Files Sprint AirCard Sprint PCS Connection Manager SPCSCM exe C Program Files Sprint AirCard Sprint PCS Connection Manager bmctl exe C PROGRA Symantec LIVEUP LUCOMS EXE C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe C WINDOWS system wbem wmiprvse exe R - HKCU Software Microsoft Internet Explorer Main Start Page http google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - E A - - D F-BEAE-D A C - C Program Files Common Files Symantec Shared coShared Browser NppBho dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar Show Norton Toolbar - -F - -B -FBEE C B DF - C Program Files Common Files Symantec Shared coShared Browser UIBHO dll O - HKLM Run ezShieldProtector for Px C WINDOWS system ezSP Px exe O - HKLM Run Apoint C Program Files Apoint K Apoint exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run osCheck quot C Program Files Norton Internet Security osCheck exe quot O - HKLM Run C WINDOWS system kdnky exe C WINDOWS system kdnky exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKUS S- - - Run ALUAlert C Program Files Symantec LiveUpdate ALUNotify exe User SYSTEM O - HKUS S- - - Run Symantec Network Driver Update Warning C PROGRA Symantec LIVEUP SNDWarn EXE User SYSTEM O - HKUS S- - - RunOnce RunNarrator Narrator exe User SYSTEM O - HKUS DEFAULT Run ALUAlert C Program Files Symantec LiveUpdate ALUNotify exe User Default user O - HKUS DEFAULT RunOnce RunNarrator Narrator exe User Default user O - Extra context menu item Yahoo amp Dictionary - file C Program Files Yahoo Common ycdict htm O - Extra context menu item Yahoo amp Maps - file C Program Files Yahoo Common ycmap htm O - Extra context menu item Yahoo amp SMS - file C Program Files Yahoo Common ycsms htm O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs... Read more

A:HJT log please review

So it's been a few days and i haven't received any responses.
i know you guys are busy and i would still appreciate any info you can give me.

thanks in advance.
 

https://forums.techguy.org/threads/hjt-log-please-review.770398/
Relevancy 29.67%

Started getting a pop-up yesterday for spyware removal supposedly part of a Norton ad Only adverse action I see at this point is my IE browser doesn t always open with the toolbars showing or the toolbars aren t locked as I usually have them Closing and re-opening IE clears it I someone Could Log? this HJT review ran HJT with hopes someone could tell me what stands out as bad news Thanks Could someone review this HJT Log? Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Could someone review this HJT Log? Files Common Files InterVideo RegMgr iviRegMgr exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Trend Micro Client Server Security Agent ntrtscan exe C Program Files Common Files Protexis License Service PsiService exe C WINDOWS system svchost exe C Program Files Trend Micro Client Server Security Agent tmlisten exe C Program Files Trend Micro Client Server Security Agent OfcPfwSvc exe C WINDOWS TEMP PTB DB EXE C WINDOWS Explorer EXE C WINDOWS stsystra exe C Program Files Java jre bin jusched exe C Program Files Trend Micro Client Server Security Agent pccntmon exe C Program Files Winamp winampa exe C Program Files Adobe Acrobat Acrobat Acrotray exe C WINDOWS system ctfmon exe C Program Files Common Files Real Update OB realsched exe C Program Files iTunes iTunesHelper exe C Program Files Microsoft ActiveSync Wcescomm exe C Program Files Olympus DeviceDetector DevDtct exe C Program Files SanDisk SanDisk TransferMate SD Monitor exe C PROGRA MI AA rapimgr exe C Program Files Microsoft ActiveSync WCESMgr exe C Program Files Citrix GoToMyPC g svc exe C Program Files Citrix GoToMyPC g comm exe C Program Files TechSmith SnagIt TSCHelp exe C Program Files Citrix GoToMyPC g pre exe C Program Files Citrix GoToMyPC g tray exe C Program Files iPod bin iPodService exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C Program Files Java jre bin jucheck exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run SigmatelSysTrayApp stsystra exe O - HKLM Run ATIPTA quot C Program Files ATI Technologies ATI Control Panel atiptaxx exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run OfficeScanNT Monitor quot C Program Files Trend Micro Client Server Security Agent pccntmon... Read more

A:Could someone review this HJT Log?

Hello. Noticed a lot of views but no responses. I don't like to assume anything but I'm just wondering if there's nothing to comment on the logfile.

Can anyone verify this? Thanks much!
 

https://forums.techguy.org/threads/could-someone-review-this-hjt-log.741910/
Relevancy 29.67%

can someone tell me what they thing of this computer if i bought it and added a 512 stickdo u think it would be a good computer and do u thik it coul dplay games like guild wars or kotor

Operating System Genuine Windows Vista Home Basic (32-bit)
Processor Intel(R) Celeron(R) D 420 (1.6GHz, 800MHz FSB)
Memory 512MB DDR2-533MHz dual channel SDRAM (2x256)
Graphics Card 128MB NVIDIA GeForce 8300GS, DVI-I, TV-out, VGA
Networking 56Kbps Data/Fax Modem for dial-up Internet access
Hard Drive 80GB 7200 rpm SATA 3Gb/s hard drive
Primary CD/DVD Drive 48x max. CD-RW/DVD-ROM combo drive (48x32x16x48x)
Front Productivity Ports 2 USB, front audio ports
Sound Card Integrated 5.1 Capable Sound w/ front audio ports
 

A:Plz Review this

You'll be able to play low/medium at best. I'd consider getting a dual core and an 8600gts. Would be LEAPS and BOUNDS over what you have there.
 

https://forums.techguy.org/threads/plz-review-this.604354/
Relevancy 29.67%

Great Site Saved me many hours of frustration Ran AdAware and the online Virus Scan earlier my review HJT Please Thanx log, today Thank You in advance for reviewing my log Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer Please review my HJT log, Thanx v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCEVTMGR EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCSETMGR EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM RESTORE Please review my HJT log, Thanx STMGR EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS SYSTEM LEXBCES EXE Please review my HJT log, Thanx C WINDOWS SYSTEM CMLNKW EXE C WINDOWS SYSTEM RPCSS EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCPD-LC SYMLCSVC EXE C PROGRAM FILES COMMON FILES SYMANTEC SHARED CCAPP EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM SAIE EXE C WINDOWS IRUETOY EXE C WINDOWS PGTAFF EXE C WINDOWS SYSTEM LEXPPS EXE C WINDOWS SYSTEM WINMONV EXE C PROGRAM FILES EBATES MOEMONEYMAKER EBATESMOEMONEYMAKER EXE C PROGRAM FILES WINPOET BROADBAND CONNECTION WINPPPOVERETHERNET EXE C WINDOWS SYSTEM TAPISRV EXE C PROGRAM FILES EBATES MOEMONEYMAKER EBATESMOEMONEYMAKER EXE C PROGRAM FILES EARTHLINK TOTALACCESS SPYWARE BLOCKER SPYWAREBLOCKER EXE C WINDOWS SYSTEM TAPMG EXE C PROGRAM FILES EARTHLINK TOTALACCESS TASKPANL EXE C HJT HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http start earthlink net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www earthlink net partner mor on search html R - HKCU Software Microsoft Internet Explorer Main Start Page http start earthlink net R - HKLM Software Microsoft Internet Explorer Main Start Page http start earthlink net R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook no name - EC D D- C - C D-BC -C D DA - C PROGRAM FILES TV MEDIA TVMBHO DLL file missing O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO no name - C C -F F- D - B - ACD AE - C WINDOWS Helper dll O - BHO no name - BE- D - CEB-ADD -E A D - C PROGRAM FILES CXTPLS CXTPLS DLL O - BHO SDWin Class - BA BA -A - -BB - E B BCD - C WINDOWS SYSTEM JFOCN DLL O - BHO EarthLink Popup Blocker - B F E - F - a-B -B E C EDF - C PROGRAM FILES EARTHLINK TOTALACCESS PNEL DLL O - BHO EarthLink ScamBlocker V - F -BE - - - F AC BA - C PROGRAM FILES EARTHLINK TOTALACCESS ESCAMBLK DLL O - BHO LinkTracker Class - A E DC-BFA - B -AB B- E E FD - C WINDOWS SYSTEM LMF V DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar EarthLink Toolbar - D F B - - AF- -B FA D E - C PROGRAM FILES EARTHLINK TOTALACCESS PNEL DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run LexStart Lexstart exe O - HKLM Run Cmlink C WINDOWS SYSTEM cmlnkW exe O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run intdctrr C WINDOWS SYSTEM idctup exe O - HKLM Run Symantec Core LC C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe start O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run winupdtl C WINDOWS SYSTEM winupdtl exe O - HKLM Run Rxagik C WINDOWS Meruoq exe O - HKLM Run saie c windows system saie exe O - HKLM Run jfocnc C WINDOWS SYSTEM jfocnc exe O - HKLM Run Emmvbl C WINDOWS Iruetoy exe O - HKLM Run VBouncer C PROGRA VBOUNCER VirtualBouncer exe O - HKLM Run pgt... Read more

A:Please review my HJT log, Thanx

OK, but let's follow through this time, OK? You left us hanging last time, part of the reason you got re-infected.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Go to Start->Settings->Control Panel and double-click on the System icon. On the Performance tab click File System. Click the Troubleshooting tab, and then check Disable System Restore. Click OK. Click Yes, when you are prompted to restart Windows. When we have confirmed that your log file is clean, you may enable System Restore again by following the same steps as above except you should uncheck Disable System Restore .

Download and install Spybot S&D. Run Spybot and click on the Search for Updates button. Install any updates if they are available. Next click on the Check for Problems button. Let it run the scan. If it finds something, check all those in RED and hit the Fix Selected Problems button. Exit Spybot.

Download RemoveSpyDeleter.bat and double click on it.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\WINDOWS\SYSTEM\SAIE.EXE
C:\WINDOWS\IRUETOY.EXE
C:\WINDOWS\PGTAFF.EXE
C:\WINDOWS\SYSTEM\WINMONV.EXE
C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\EBATESMOEMONEYMAKER0.EX E
C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\EBATESMOEMONEYMAKER1.EX E
C:\WINDOWS\SYSTEM\TAPMG32.EXE

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

EBATES_MOEMONEYMAKER
CXTPLS
VBOUNCER

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\PROGRAM FILES\TV MEDIA\TVMBHO.DLL (file missing)
O2 - BHO: (no name) - {017C20C1-F86F-11D8-9B25-000ACD002AE3} - C:\WINDOWS\Helper100.dll
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\PROGRAM FILES\CXTPLS\CXTPLS.DLL
O2 - BHO: SDWin32 Class - {35BA4BA5-A277-4335-BB24-02E5B4BCD642} - C:\WINDOWS\SYSTEM\JFOCN.DLL
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINDOWS\SYSTEM\LMF32V.DLL
O4 - HKLM\..\Run: [intdctrr] C:\WINDOWS\SYSTEM\idctup20.exe
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\SYSTEM\winupdtl.exe
O4 - HKLM\..\Run: [Rxagik] C:\WINDOWS\Meruoq.exe
O4 - HKLM\..\Run: [saie] c:\windows\system\saie.exe
O4 - HKLM\..\Run: [jfocnc] C:\WINDOWS\SYSTEM\jfocnc.exe
O4 - HKLM\..\Run: [Emmvbl] C:\WINDOWS\Iruetoy.exe
O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBOUNCER\VirtualBouncer.exe
O4 - HKLM\..\Run: [pgtaff] C:\WINDOWS\pgtaff.exe
O4 - HKLM\..\Run: [rt3R36R] RASLL32.EXE
O4 - HKLM\..\Run: [wmv] C:\WINDOWS\SYSTEM\winmonv.exe
O4 - HKLM\..\Run: [aqadcup] C:\WINDOWS\aqadcup.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\PROGRAM FILES\EBATES_MOEMONEYMAKER\EbatesMoeMoneyMaker0.ex e"
O4 - HKLM\..\Run: [niv]... Read more

http://www.techsupportforum.com/forums/f100/please-review-my-hjt-log-thanx-25949.html
Relevancy 29.67%

hi i just stumbled upon this website when i was looking for some help with my computer I had two programs that were running on my computer that were completely using up all of my resources The names of the two programs were dosole exe and urldrv exe I snooped around your forums and found some fixes and i have run both Spybot and Ad-aware and HJT to get rid of the urldrv exe It disappeared after i followed your instructions so thank you for that i still am experiencing some lag though and was hoping you could review my HJT log Thank you very much and keep up the log for review HJT good work Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Miramar PC MACLAN for Windows ATMsg exe C Program Files NavNT defwatch exe C WINDOWS System inetsrv inetinfo exe C PROGRA Iomega HJT log for review System HJT log for review ActivityDisk exe C Program Files Common Files Microsoft Shared VS HJT log for review Debug mdm exe C Program Files Miramar PC MACLAN for Windows ATSERVER EXE C Program Files Miramar PC MACLAN for Windows ATSPOOL EXE C WINDOWS Explorer EXE C Program Files NavNT rtvscan exe C WINDOWS System nvsvc exe C WINDOWS System tcpsvcs exe C WINDOWS System snmp exe C WINDOWS System svchost exe C WINDOWS system MsgSys EXE C WINDOWS System qttask exe C WINDOWS Twain ScanWiz SDetect exe C Program Files Iomega DriveIcons ImgIcon exe C Program Files Roxio Easy CD Creator DragToDisc DrgToDsc exe C Program Files Roxio Easy CD Creator AudioCentral RxMon exe C Program Files ScanSoft OmniPagePro opware exe C WINDOWS system ctfmon exe C Program Files Roxio Easy CD Creator AudioCentral Playlist exe C Program Files Xerox CentreWare Scanning Svcs cwscan exe C Program Files ScanSoft PaperPort xdcla exe C Program Files Internet Explorer iexplore exe C Documents and Settings Bob Desktop HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Local Page O - BHO no name - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar ReGet Bar - A - E - E- D A- DD F - C Program Files ReGetDx iebar dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run QuickTime Task C WINDOWS System qttask exe O - HKLM Run Miramar Systems Inc C Program Files Miramar PC MACLAN for Windows atmsg exe O - HKLM Run SDetect exe C WINDOWS Twain ScanWiz SDetect exe O - HKLM Run Iomega Startup Options C Program Files Iomega Common ImgStart exe O - HKLM Run Iomega Drive Icons C Program Files Iomega DriveIcons ImgIcon exe O - HKLM Run RoxioEngineUtility quot C Program Files Common Files Roxio Shared System EngUtil exe quot O - HKLM Run RoxioDragToDisc quot C Program Files Roxio Easy CD Creator DragToDisc DrgToDsc exe quot O - HKLM Run RoxioAudioCentral quot C Program Files Roxio Easy CD Creator AudioCentral RxMon exe quot O - HKLM Run Omnipage C Program Files ScanSoft OmniPagePro opware exe O - HKLM Run netcab C WINDOWS system netcab exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKLM RunOnce SpybotSnD quot C Program Files Spybot - Search amp Destroy SpybotSD exe quot autocheck O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup Desktop Scanning lnk O - Global Startup Image Retriever lnk C Program Files ScanSoft PaperPort xdcla exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item Backward Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - ... Read more

A:HJT log for review

You've done well, only a thing or two to do......

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

You have an outdated version of HijackThis. Click here to get the latest version of HijackThis.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O4 - HKLM\..\Run: [*netcab] C:\WINDOWS\system\netcab.exe

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINDOWS\system\netcab.exe

Reboot into Normal Mode and post a new HijackThis log file so we can make sure it's clean.

http://www.techsupportforum.com/forums/f100/hjt-log-for-review-26886.html
Relevancy 29.67%

Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected C PROGRA mcafee com vso mcvsshld exe C PROGRA mcafee com agent mcagent exe C Program Files Microsoft AntiSpyware gcasServ exe c progra mcafee com vso mcvsescn exe c PROGRA mcafee com vso mcvsrte exe c progra mcafee com vso mcvsftsn exe C Program Files Microsoft AntiSpyware gcasDtServ exe c PROGRA mcafee com vso mcshield exe O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee me, you thanks for please review this Could com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA McAfee com Agent mcupdate Could you please review this for me, thanks exe O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - Service McAfee com McShield McShield - Unknown owner - c PROGRA mcafee com vso mcshield exe O - Service McAfee SecurityCenter Update Manager mcupdmgr exe - McAfee Inc - C PROGRA McAfee com Agent mcupdmgr exe O - Service McAfee com VirusScan Online Realtime Engine MCVSRte - Networks Associates Technology Inc - c PROGRA mcafee com vso mcvsrte exe Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C Program Files Support com Could you please review this for me, thanks bin tgcmd exe C Documents and Settings Maria Isabel My Documents Hijack HijackThis exe R Could you please review this for me, thanks - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Connection Wizard ShellNext http us l hpwis com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride r attbi com R - Default URLSearchHook is missing O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO SDWin Class - C C - A - A - A - B B FB C - C WINDOWS system mkkyl dll O - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR tools iesdsg dll file missing O - BHO PCTools Browser Monitor - B A D D- - C -A - DF C AC - C PROGRA SPYWAR tools iesdpb dll file missing O - BHO SDWin Class - F F A - C - B -A D- B DE FF - C WINDOWS system hffck dll O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - HKLM Run HPHUPD C Program Files Hewlett-Packard B B-DCAB- - EE - F hphupd exe O - HKLM Run tgcmd quot C Program Files Support com bin tgcmd exe quot server O - HKCU Run e onRWJFg wmeonfig exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button Spyware Doctor - D D A- - D -A A - C B E E - C PROGRA SPYWAR tools iesdpb dll file missing O - Extra 'Tools' menuitem Yahoo Messenger - BBE - E - D -AD - D AD - C Program Files Yahoo Messenger yhexbmes dll O - DPF - E - D - - ED Support com Configuration Class - http www comcastsupport com sdccom ad tgctlcm cab O - DPF E E - AF- - C -A ADCBF BD HouseCall Control - http housecall-beta trendmicro com ll xscan cab O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink link amp clcid x O - DPF FF B-CA - D - DD- - http www errorguard com installation Install cab O - DPF D -F - A-BECC- C A FF vmLaunch Class - http media comcast net anon comca mLauncher cab O - DPF BB -EA B- -A -B D A E - http www snapfish com SnapfishOutlookImport cab O - DPF AB CE -AC F- F- -D ABCA EC Get ActiveX Control - https h www... Read more

A:Could you please review this for me, thanks

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also go here to get the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware for better scan results. Run the scan and fix everything that it finds.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

ErrorGuard >>>it?s rogueware and we highly recommend that you uninstall it. Rogue/Suspect means that these products are of unknown, questionable, or dubious value as anti-spyware protection.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: SDWin32 Class - {4C2965C9-5A21-40A3-83A9-90B0B63FB51C} - C:\WINDOWS\system32\mkkyl.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
O2 - BHO: SDWin32 Class - {F0F14A52-50C2-4B05-A75D-6455B6DE59FF} - C:\WINDOWS\system32\hffck.dll
O4 - HKCU\..\Run: [e1onRWJFg] wmeonfig.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll (file missing)
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} - http://www.errorguard.com/installation/Install.cab

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINDOWS\system32\mkkyl.dll
C:\WINDOWS\system32\hffck.dll

wmeonfig.exe

Reboot into Normal Mode and run new HijackThis scan. If there were some entries that didn't show up in Safe Mode, you may check and fix those that appear now in normal mode (if you do that, make sure to run a new scan again). Save the log file and run KRC HijackThis Analyzer in th... Read more

http://www.techsupportforum.com/forums/f100/could-you-please-review-this-for-me-thanks-42909.html
Relevancy 29.67%

Hi Guys can you review my log my computer has been acting weird and it shuts off for no reason also I have Comcast cable and it's slow i'm not getting the bandwidth I'm paying for Please Please HJT Log Review Help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files TGTSoft StyleXP StyleXPService exe C WINDOWS system spoolsv exe C WINDOWS system cisvc exe C WINDOWS system CTsvcCDA exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C PROGRA McAfee com PERSON MPFSERVICE exe C WINDOWS system oodag exe C WINDOWS system MsPMSPSv exe C Program Files Raxco PerfectDisk PDSched exe C WINDOWS system cidaemon exe C WINDOWS system cidaemon exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C windows system hpsysdrv exe C Program Files Multimedia Card Reader shwicon k exe C Program Files Java jre bin jusched exe C Program Files ATI Technologies ATI HydraVision HydraDM exe C Program Files ATI Technologies ATI ACE cli exe c progra mcafee com vso mcvsescn exe C Program Files SlySoft AnyDVD AnyDVD exe C PROGRA McAfee com PERSON MpfTray exe C Program Files ParaWin pwic exe C Program Files TGTSoft StyleXP StyleXP exe C Program Files Chameleon Clock ChamClock exe C Program Files MSN Messenger msnmsgr exe C WINDOWS system ctfmon exe C Program Files ATI Technologies ATI ACE CLI exe C PROGRA McAfee com PERSON MpfAgent exe c progra Please Review HJT Log mcafee com vso mcvsftsn exe C Program Files Messenger msmsgs exe C Program Files Please Review HJT Log Internet Explorer iexplore exe C PROGRA McAfee com Agent mcagent exe c PROGRA mcafee com vso mcvsshld exe c PROGRA mcafee com vso mcvsrte exe c PROGRA mcafee com vso mcshield exe C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Connection Wizard ShellNext http my netzero net s sp r al amp cf s NH amp N PL amp O I R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO IEWatchObj Class - D F-D - D -B DD- CD F - C WINDOWS System IETie dll O - BHO TGTSoft Explorer Toolbar Changer - C CF - F- - AC-E D C C - C Program Files TGTSoft StyleXP TGT BHO dll O - Toolbar HP View - B E - D D- DEB- B - D BCF F - c Program Files Hewlett-Packard Digital Imaging bin hpdtlk dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run Sunkist k C Program Files Multimedia Card Reader shwicon k exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA McAfee com Agent McUpdate exe O - HKLM Run HydraVisionDesktopManager C Program Files ATI Technologies ATI HydraVision HydraDM exe O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE cli exe quot runtime O - HKLM Run KernelFaultCheck syst... Read more

A:Please Review HJT Log

Can you give us more details on when it shuts down and does it give you a window giving you 60 seconds to shutdown? Just need more details. It could be hardware/software related.

The log you posted is clean.

http://www.techsupportforum.com/forums/f100/please-review-hjt-log-47826.html
Relevancy 29.67%

Hi sorry about this Please? review Could log, HJT my someone being my first post but this seemed like an excellent forum for these I was hoping someone could help me out I ran Ad-aware and spybot both updated versions I also followed all the Could someone review my HJT log, Please? steps in the sticky notes Still havin' some problems I appreciate any help that you may suggest Here is my log Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system devldr exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Documents and Settings John and Aimee Application Data ttuh exe C WINDOWS system ttrib exe C WINDOWS System svchost exe C Program Files Internet Explorer iexplore exe C WINDOWS system wuauclt exe C Documents and Settings John and Aimee Desktop HJK This HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Search Bar http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Search Page about blank R - HKCU Software Microsoft Internet Explorer Main Start Page http www fark com R - HKLM Software Microsoft Internet Explorer Main Start Page http www dellnet com R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www fark com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing O - HKLM Run MCUpdateExe C PROGRA McAfee com Agent mcupdate exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run Uninstall WinTools C WINDOWS Temp WTuninst exe remove O - HKCU Run Aida C Documents and Settings John and Aimee Application Data ttuh exe O - HKCU Run Ijwwcds C WINDOWS system ttrib exe O - Startup PowerReg Scheduler V exe O - Extra button no name - CD F -D E - d - FE- C F AFE - no file O - DPF ConferenceRoom Java Client - http chat privatefeeds com java cr cab O - DPF v cab - http searchmiracle com cab v cab cab O - DPF DA B B- B - -BB - AD PhxStudent OeSetup - https mycampus phoenix edu download PhxStudent ocx O - DPF AD -CDB - E -A DA- EE E BAD - http public windupdates com get fi f fdc b c O - DPF D F -D C- FD-AEE -AEC PhxStudent OeSetup - https mycampus phoenix edu secure PhxStudent CAB O - DPF C E-FA D- -BACC-D C EF EPUImageControl Class - http tools ebayimg com eps wl acti l v - - - cab O - DPF BCB- D A- D -A B- DA DE RdxIE Class - http software-dl real com d a p RdxIE cab O - DPF E - B- B A- B- AB CC C B PhxStudent OeSetup - https mycampus phoenix edu secure PhxStudent CAB O - DPF - AE - FD- A -AA C PhxStudent OeSetup - https mycampus phoenix edu secure PhxStudent CAB O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF D F B - A - D - B - DC A SecureLogin SecureControl - http secure comned com signuptemp veSecurity cab O - DPF F B B - - B C-BD C-D FA C BD C PhxStudent OeSetup - https mycampus phoenix edu secure PhxStudent CAB O - DPF F -DE C- -BC C- FCF D E - http download websearch com Dnl T QDow AS cab O - DPF A C A - C E- C-B - A E PhxStudent OeSetup - https mycampus phoenix edu secure PhxStudent CAB

A:Could someone review my HJT log, Please?

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

Reboot into Safe Mode (hit F8 key until menu shows up).


Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

ttuh.exe
?ttrib.exe


Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

Wintools

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

C:\Documents and Settings\John and Aimee\Application Data\ttuh.exe
C:\WINDOWS\system32\?ttrib.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fark.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.fark.com/
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINDOWS\Temp\WTuninst.exe /remove
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\John and Aimee\Application Data\ttuh.exe
O4 - HKCU\..\Run: [Ijwwcds] C:\WINDOWS\system32\?ttrib.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...f3fd c891b75c6
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptem...iveSecurity.cab
O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.websearch.com/Dnl/T_40/QDow_AS2.cab


Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\Documents and Settings\John and Aimee\Application Data\ttuh.exe
C:\WINDOWS\system32\?ttrib.exe


Reboot into Normal Mode.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download Index.dat Suite to clean out all the temp folders. Run Index.dat Suite now and go to Tools->Settings. Then make sure to check the following: Cookies, History, Recent Documents, Swap File (if you have Windows 95/98), Temporary Internet Files and Temp Files. Click Save at the bottom. Then click on the Find button. Let it search. Then click on the second button on the top. This will generate a batch file. Click Next->Next->Next and it will tell you that after the next reboot/restart you the file should run by itself and startup and clean all those files.

Please reboot once more and post a new HJT log.

http://www.techsupportforum.com/forums/f284/could-someone-review-my-hjt-log-please-19085.html
Relevancy 29.67%

Greetings - I have followed all of the instructions listed in the Anti-Spyware tutorial CWS AdAware SpyBot Here is my HJT file - would log my HJT review Please greatly appreciate if this could be reviewed for any outstanding issues Thanks Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe Please review my HJT log C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS System Ati evxx exe C Program Files Norton AntiVirus navapsvc Please review my HJT log exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS System MsPMSPSv exe C WINDOWS Explorer EXE C WINDOWS AGRSMMSG exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe C WINDOWS System hphmon exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Roxio Easy CD Creator DragToDisc DrgToDsc exe C Program Files Microsoft IntelliPoint point exe C PROGRA PANICW POP-UP dpps exe C Program Files Common Files Real Update OB realsched exe C Program Files HighCriteria TotalRecorder TotRecSched exe C Program Files NetPumper NetPumperIEProxy exe C Program Files iPod bin iPodManager exe C Program Files QuickTime qttask exe C Documents and Settings Alex Blake Application Data amee exe C Program Files Nikon NkView NkvMon exe C WINDOWS System svchost exe C Program Files iPod bin iPodService exe C WINDOWS System wuauclt exe C PROGRA NETPUM NETPUM EXE C HijackThis exe C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cust search ie html R - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com cust www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http finance yahoo com q cq d v amp s fdc USDSGD X R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com cust www yahoo com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - B DE- C - BF-B B- B F A E - c Program Files Microsoft Money System mnyside dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run ATIModeChange Ati mdxx exe O - HKLM Run AGRSMMSG AGRSMMSG exe O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run MMTray C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe O - HKLM Run Cpqset C Program Files HPQ Default Settings cpqset exe O - HKLM Run CamMonitor C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe O - HKLM Run HPHUPD c Program Files Hewlett-Packard B B-DCAB- - EE - F hphupd exe O - HKLM Run HP Software Update quot c Program Files Hewlett-Packard HP Software Update HPWuSchd exe quot O - HKLM Run HPHmon C WINDOWS System hphmon exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run RoxioEngineUtility quot C Program Files Common Files Roxio Shared System EngUtil exe quot O - HKLM Run RoxioDragToDisc quot C Program Files Roxio Easy CD Creator DragToDisc DrgToDsc exe quot O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migr... Read more

A:Please review my HJT log

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\Documents and Settings\Alex Blake\Application Data\amee.exe

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKCU\..\Run: [Aaou] C:\Documents and Settings\Alex Blake\Application Data\amee.exe
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.windupdates.com

Reboot into Safe Mode (hit F8 key until menu shows up). Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\Documents and Settings\Alex Blake\Application Data\amee.exe

Reboot into Normal Mode and post a new HijackThis log file so we can make sure it's clean.

To help prevent future spyware installations/infections, please read the Anti-Spyware Section and use the tools provided.

http://www.techsupportforum.com/forums/f284/please-review-my-hjt-log-22761.html
Relevancy 29.67%

Hey guys I have been having some slowdown issues with starting up and also some crashing issues review to Log with Firefox and I had suspected some spyware or whatever However I went to play a game and got a blue screen of death and I am worried I may have a more serious virus But it could have just been a fluke so here s my log and take your time I know you get a lot of these Logfile of HijackThis v Scan saved at PM on Platform Log to review Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Ahead InCD InCDsrv exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C PROGRA Grisoft AVG avgemc exe C WINDOWS system CTsvcCDA exe C Program Files NVIDIA Corporation NetworkAccessManager Apache Group Apache bin apache exe C WINDOWS System svchost exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcLog exe C WINDOWS system nvsvc exe C WINDOWS system PnkBstrA exe C WINDOWS system PnkBstrB exe C WINDOWS system svchost exe C Program Files NVIDIA Corporation NetworkAccessManager Apache Group Apache bin apache exe C Program Files Viewpoint Common ViewpointService exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcAppFlt exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcIp exe C WINDOWS Explorer EXE C WINDOWS system RunDLL exe C PROGRA Grisoft AVG avgcc exe C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe C Program Files Ahead InCD InCD exe C Program Files Analog Devices Core smax pnp exe C Program Files Analog Devices SoundMAX Smax exe C Program Files Razer razerhid exe C Program Files HP HP Software Update HPWuSchd exe C WINDOWS system ctfmon exe C Program Files Creative MediaSource Detector CTDetect exe C Program Files ASUS WiFi-AP Solo RtWLan exe C Program Files Razer razertra exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Razer razerofa exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files HP Digital Imaging Product Assistant bin hprblog exe C PROGRA Grisoft AVG avgwb dat C Program Files Ares Ares exe C Program Files Windows Media Player wmplayer exe C Program Files HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RunDLL exe NvMCTray dll NvTaskbarInit O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run RemoteControl quot C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe quot O - HKLM Run InCD C Program Files Ahead InCD InCD exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run SoundMAXPnP C Program Files Analog Devices Core smax pnp exe O - HKLM Run SoundMAX quot C Program Files Analog Devices SoundMAX Smax exe quot tray O - HKLM Run razer C Program Files Razer razerhid exe O - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run HP Software Update C Pro... Read more

A:Log to review

Please update your version of Hijackthis:
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
The P2P programs you have installed expose you to risks because of the nature of the P2P file sharing process. File sharing/P2P programs rely on members giving and gaining unrestricted access to computers across the P2P network. This practice can make you vulnerable to data and identity theft. It also exposes you to very malicious worms and trojans. You change those risky default settings to a safer configuration but the act of downloading files from an anonymous source greatly increases your exposure to infection.

I suggest you go to add/remove programs and remove all P2P programs!

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Click Exit on the Main menu to close the program.

Download and scan with SUPERAntiSpyware Free for Home Users
Double-click SUPERAntiSpyware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
Under "Configuration and Preferences", click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.

Click the "Close" button to leave the control center screen.
Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
On the left, make sure you check C:\Fixed Drive.
On the right, under "Complete Scan", choose Perform Complete Scan.
Click "Next" to start the scan. Please be patient while it scans your computer.
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
Make sure everything has a checkmark next to it and click "Next".
A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
If asked if you want to reboot, click "Yes".
To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply with a new hijackthis log.

Click Close to exit the program.

 

https://forums.techguy.org/threads/log-to-review.693401/
Relevancy 29.67%

Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected C Program Files AVPersonal AVWUPSRV EXE C Program Files AVPersonal AVGUARD EXE C Program Files AVPersonal AVGNT EXE O - HKLM Run AVGCtrl log review HJT this Please quot C Program Files AVPersonal AVGNT EXE quot min Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by Comcast High-Speed Internet N - Netscape user pref quot browser startup homepage quot quot mlb com quot C Documents and Settings Paul Application Data Mozilla Profiles default cc c ncq slt prefs js N - Netscape user pref quot Please review this HJT log browser search defaultengine quot quot engine C A CProgram Files CNetscape CNetscape Csearchplugins CSBWeb src quot C Documents and Settings Paul Application Data Mozilla Profiles default cc c ncq slt prefs js O - BHO VPN-OEM Extension Please review this HJT log - D B -B B - BCC-A - E - C WINDOWS system nvrcr dll O - DPF E E - AF- Please review this HJT log - C -A ADCBF BD HouseCall Control - http housecall-beta trendmicro com ll xscan cab O - DPF B C -D - F- C - BD B EE - http www sidestep com get k sb a cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF ED - - F -B - DE A D ImageControl Class - http c ancestry com cab ImageViewer MFImgVwr cab O - DPF DB B - - D - E - E MrSIDI Control - http images myfamily net isfiles downloads MrSIDI cab O - DPF B FE E- F - - B - EFB FC E HPObjectInstaller Class - http h www hp com ediags gs dsolutions cab O - DPF AFDD B - ABB- D - - C A MFInstall Class - http c ancestry com MFInstall MFInstall cab O - DPF CE D D - CF- C D- FE - F A ActiveDataInfo Class - https www-secure symantec com tech a SymAData cab O - DPF E C D - A- F-AD F- C C B C ActiveDataObj Class - https www-secure symantec com tech ActiveData cab O - DPF EB D F-E B- D - E- D C D QDiagHUpdateObj Class - http h www hp com hpdj en check qdiagh cab O - DPF F E CEF-A - C -BA E- CAF EE C MSN Chat Control - http chat msn com bin msnchat cab O - SSODL XmLdrLocation - C F - - DA-B F -B FCDA - C WINDOWS system mserrtrc dll O - Service AntiVir Service AntiVirService - H BEDV Datentechnik GmbH - C Program Files AVPersonal AVGUARD EXE O - Service AntiVir Update AVWUpSrv - H BEDV Datentechnik GmbH Germany - C Program Files AVPersonal AVWUPSRV EXE O - Service Norton Unerase Protection NProtectService - Unknown owner - C Program Files Norton AntiVirus AdvTools NPROTECT EXE file missing End of KRC HijackThis Analyzer Log

A:Please review this HJT log

Hello disordered and welcome to TSF

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if the main link does not work) and install it. Please Do not run yet.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:

sidestep

Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)

O2 - BHO: VPN-OEM Extension - {11D003B5-B3B5-4BCC-A974-71148786E968} - C:\WINDOWS\system32\nvrcr16.dll
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb02a.cab
O21 - SSODL: XmLdrLocation - {0C887F38-5178-43DA-B9F0-B856141FCDA4} - C:\WINDOWS\system32\mserrtrc.dll


Please remember to close all other windows, including browsers then click Fix checked.

Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.


C:\WINDOWS\system32\nvrcr16.dll
C:\WINDOWS\system32\mserrtrc.dll

Run CleanUp! and click on CleanUp! button. When it asks you if you want to logoff, click on Yes.

Reboot your system in Normal Mode.

please run this online virus scan: ActiveScan - Save the results from the scan!

Please post a fresh Hijack This log and an active scan log so that we can check if your system is clean.

http://www.techsupportforum.com/forums/f284/please-review-this-hjt-log-58746.html
Relevancy 29.67%

it seems as if these O - Hosts livesexlist com O - Hosts lanasbigboobs com O - Hosts thumbnailpost com O - Hosts adult-series com O - Hosts www livesexlist com O - Hosts www lanasbigboobs com O - Hosts www thumbnailpost com O - Hosts www adult-series com keep reappearing when i restart my comp and the problem cant be fixed maybe im not deleting everything i should be here is the rest of the list Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS HJT review log, please system spoolsv exe C WINDOWS system LEXPPS EXE C WINDOWS system cisvc exe C WINDOWS System CTsvcCDA exe c PROGRA mcafee com vso mcvsrte exe C WINDOWS System nvsvc exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C WINDOWS System HJT log, please review MsPMSPSv exe C Program Files McAfee com Agent mcagent exe C PROGRA HJT log, please review mcafee com vso mcvsshld exe C Program Files Common Files Dell EUSW Support exe C Program Files Dell AIO Printer A dlbabmgr exe C Program Files Common Files Real Update OB HJT log, please review realsched exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C Program Files Dell AIO Printer A dlbabmon exe C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C Program Files Creative SBLive Diagnostics diagent exe c PROGRA mcafee com vso mcshield exe C PROGRA AIM aim exe C Program Files Internet Explorer iexplore exe C WINDOWS system cidaemon exe C WINDOWS system cidaemon exe C Program Files Microsoft Money System urlmap exe C Documents and Settings Bud Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http tooncomics com main sp php R - HKCU Software Microsoft Internet Explorer Main Search Bar http tooncomics com main sp php R - HKCU Software Microsoft Internet Explorer Main Search Page http tooncomics com main sp php R - HKCU Software Microsoft Internet Explorer Main Start Page http tooncomics com main hp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http tooncomics com main sp php R - HKCU Software Microsoft Internet Connection Wizard Shellnext http www dellnet com O - Hosts livesexlist com O - Hosts lanasbigboobs com O - Hosts thumbnailpost com O - Hosts adult-series com O - Hosts www livesexlist com O - Hosts www lanasbigboobs com O - Hosts www thumbnailpost com O - Hosts www adult-series com O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - FDD B - D - ffb- - B AD ACC - C Program Files Microsoft Money System mnyviewer dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run MCAgentExe C Program Files McAfee com Agent mcagent exe O - HKLM Run VirusScan Online c PROGRA mcafee com vso mcvsshld exe O - HKLM Run DwlClient C Program Files Common Files Dell EUSW Support exe O - HKLM Run Dell AIO Printer A quot C Program Files Dell AIO Printer A dlbabmgr exe quot O - HKLM Run MCUpdateExe C PROGRA McAfee com Agent McUpdate exe O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe O - HKLM Run MoneyStartUp quot C Program Files Microsoft Money System Activation exe quot O - HKLM Run diagent quot C Program Files Creative SBLive Diagnostics diagent exe quot startup O - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKCU Run iedll C WINDOWS iedll exe O - HKCU Run l... Read more

A:HJT log, please review

Go here for the free Ad-Aware 6 Personal Build 181: http://www.lavasoft.de/support/download/

Launch the program ... on the start-up screen, you will need to first run the Webupdate Feature (globe at the top), or click "check for updates" to get the Reference File up to date.

Please use the Custom Scan with Memory and Both registry scans ON. Also.... make sure that you activate IN-DEPTH scanning before you proceed.

Then see that you have these options checked:
Under Ad-aware 6 Settings, Scanning, Memory & Registry:
"Scan My Hosts File" ...

Under Ad-Aware 6 Settings, Tweaks, Scanning Engine:
"Unload recognized processes during scanning."
Under Ad-Aware 6 Settings, Tweaks, Cleaning Engine:
"Let Windows remove files in use after reboot."

Next ...

Run Ad-Aware 6.
Mark the objects you wish to eliminate for removal. There are many options available with a right-click.
Make a Quarantine only if you do not have the Auto-Quarantine option ON.
Then choose "Next" to remove the chosen objects.
Finally ... Reboot

Please read http://forums.techguy.org/t164245/s.html for further instructions, settings , etc.

After running Ad-Aware, re-boot, and post a fresh logfile.
 

https://forums.techguy.org/threads/hjt-log-please-review.184249/
Relevancy 29.67%

I'm helping out a friend at work and trying to clean up her terribly infected system Can someone have a look at this and let me know what to fix I've already run these things Spybot Spyware Blaster is active AdAware Trend Micro scan Zone Alarm Firewall is active Thanks a bunch -- much appreciated Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS acsd exe C WINDOWS System CTsvcCDA exe C WINDOWS System nvsvc exe C WINDOWS SYSTEM ZoneLabs vsmon exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C WINDOWS Explorer EXE C Program Files Intel Modem Event Monitor IntelMEM exe C WINDOWS system dla tfswctrl exe C WINDOWS System DSentry exe C Program Files Dell Media Experience PCMService exe C for review HJ Log your Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe C Program Files Common Files Dell EUSW Support exe C WINDOWS system rundll exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Creative SBLive Diagnostics diagent exe C Program Files Dell Support Alert bin NotifyAlert exe C HJ Log for your review Program Files Internet Explorer iexplore exe C Documents and Settings CM director Desktop Unused Desktop Shortcuts aiepk exe C WINDOWS system wuauclt exe C DOCUME CMDIRE LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe C WINDOWS system wuauclt exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Start Page http www wthr com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Start Page http www dell me com myway O - BHO URLLink Class - A AACF -ADF - D - A - E B E - C Program Files NewDotNet newdotnet dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO CATLEvents Object - AC -B D - C -A B- B BF DE - C DOCUME CMDIRE LOCALS Temp vrsyek dat file missing O - Toolbar no name - BA B -B - c -B - F F - no file O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run IntelMeM C Program Files Intel Modem Event Monitor IntelMEM exe O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run DVDSentry C WINDOWS System DSentry exe O - HKLM Run PCMService quot C Program Files Dell Media Experience PCMService exe quot O - HKLM Run diagent quot C Program Files Creative SBLive Diagnostics diagent exe quot startup O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run MMTray C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe O - HKLM Run DwlClient C Program Files Common Files Dell EUSW Support exe O - HKLM Run New net Startup rundll C PROGRA NEWDOT NEWDOT DLL NewDotNetStartup -s O - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run aiepk C Documents and Settings CM director Desktop Unused Desktop Shortcuts aiepk exe O - HKLM Run Zone Labs Client C Program Files Zone Labs ZoneAlarm zlclient exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Global Startup America Online Tray Icon lnk C Program Files America Online aoltray exe O - Global Startup GStartup lnk C Program Files Common Files GMT GMT exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA ... Read more

A:HJ Log for your review

Hello blondiebluejen, Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it.

Download WinsockFix http://www.greyknight17.com/spy/WinsockFix.sfx.exe and uncompress it. Then double-click on the uncompressed file to run it.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Make sure to close any open browsers.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

NewDotNet or New.Net
GAIN
Gator

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: CATLEvents Object - {72AC6865-B1D3-4C32-A27B-4B3BF04DE655} - C:\DOCUME~1\CMDIRE~1\LOCALS~1\Temp\vrsyek.dat (file missing)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\newdot~1.dll,NewDotNetStartup -s
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\gmt.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\Program Files\NewDotNet
C:\Program Files\Common Files\GMT

Run CleanUp! and click on CleanUp! button. Once it's done, you may click the Close button. When asked if you want to logoff, choose Yes.

Restart and run a new HijackThis scan. Save the log file and post it here.

http://www.techsupportforum.com/forums/f284/hj-log-for-your-review-58977.html
Relevancy 29.67%

Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer exe C WINDOWS System cmd exe C WINDOWS System hkcmd exe C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe C PROGRA mcafee com agent mcagent exe C Program Files Common Files Real Update OB realsched exe C Program H/J for Review....Please? Log Files Java j re bin jusched exe C Program Files QuickTime qttask exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C PROGRA Grisoft AVG avgcc exe C Program Files AIM aim exe C Program H/J Log for Review....Please? Files America Online aoltray exe C Program Files Digital Line Detect DLG exe C Program Files Java j re bin javaw exe C Program Files Microsoft Office Office msoffice exe C PROGRA Grisoft H/J Log for Review....Please? AVG avgserv exe C Program Files Network Associates VirusScan avsynmgr exe C Program Files Network Associates VirusScan VsStat exe C Program Files Network Associates VirusScan Avconsol exe C Program Files Network Associates VirusScan Webscanx exe C WINDOWS System wuauclt exe C Program Files Internet Explorer iexplore exe C Documents and Settings Bryan My Documents Beats hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com F - system ini Shell Explorer exe C WINDOWS System cmd exe F - REG system ini Shell Explorer exe C WINDOWS System cmd exe O - BHO no name - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run DellCleanup c DELL WINCLEAN EXE O - HKLM Run DellSupportOobeCheck C Program Files Dell Support bin OOBECheckStart exe O - HKLM Run MMTray C Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exe O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent mcupdate exe O - HKLM Run McafWelcome C Program Files McAfee com Agent mcwelcom exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM RunServices SystemSAS system exe O - HKLM RunServices CMD cmd exe O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - Global Startup America Online Tray Icon lnk C Program Files America Online aoltray exe O - Global Startup Digital Line Detect lnk O - Global Startup LimeWire lnk C Program Files LimeWire LimeWire exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item LimeShop Preferences - file C Program Files LimeShop System Temp limeshop script htm O - Extra Tools menuitem Sun Java Console HKLM O - Extra button AIM HKLM O - Extra button Real com HKLM O - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http www apple com qtactivex qtplugin cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub director sw cab O - DPF - F - BB - D -FA ... Read more

A:H/J Log for Review....Please?

Closing duplicate; please continue with the original thread:

http://forums.techguy.org/t185559/s.html
 

https://forums.techguy.org/threads/h-j-log-for-review-please.185615/
Relevancy 29.67%

Review my hijackthis log please Thanks Logfile of HijackThis v Scan Please review... saved at p m on - - Platform Windows SE Win x Please review... A MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES SYMANTEC SHARED CCSETMGR EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES SYMANTEC SHARED CCEVTMGR EXE C WINDOWS EXPLORER EXE C WINDOWS PTSNOOP EXE C WINDOWS SYSTEM CMMPU EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS LOADQM EXE C ARCHIVOS DE PROGRAMA ZONE LABS ZONEALARM ZLCLIENT EXE C ARCHIVOS DE PROGRAMA ARCHIVOS COMUNES SYMANTEC SHARED CCAPP EXE C ARCHIVOS DE PROGRAMA MICROSOFT OFFICE OFFICE OSA EXE C ARCHIVOS DE PROGRAMA MICROSOFT OFFICE OFFICE FINDFAST EXE C WINDOWS SYSTEM WMIEXE EXE C ARCHIVOS DE PROGRAMA INTERNET EXPLORER IEXPLORE EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS ESCRITORIO HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www google cl R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName V nculos F - win ini load ptsnoop exe F - win ini run C WINDOWS SYSTEM cmmpu exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C ARCHIVOS DE PROGRAMA ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Archivos de programa Norton AntiVirus NavShExt dll O - BHO no name - - F - D - - D F - C ARCHIV SPYBOT SDHELPER DLL O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c archivos de programa google googletoolbar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Archivos de programa Norton AntiVirus NavShExt dll O - Toolbar amp Google - C B - - d - B - A CD F - c archivos de programa google googletoolbar dll O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run CountrySelection pctptt exe O - HKLM Run LoadQM loadqm exe O - HKLM Run Zone Labs Client quot C Archivos de programa Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run ccApp quot C Archivos de programa Archivos comunes Symantec Shared ccApp exe quot O - HKLM Run RegisterDropHandler C Archivos de programa SCNDRVP TBRIDGE BIN RegisterDropHandler EXE O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices TrueVector C WINDOWS SYSTEM ZONELABS VSMON EXE -service O - HKLM RunServices ScriptBlocking quot C Archivos de programa Archivos comunes Symantec Shared Script Blocking SBServ exe quot -reg O - HKLM RunServices ccSetMgr quot C Archivos de programa Archivos comunes Symantec Shared ccSetMgr exe quot O - HKLM RunServices ccEvtMgr quot C Archivos de programa Archivos comunes Symantec Shared ccEvtMgr exe quot O - HKLM RunServices RegisterDropHandler C Archivos de programa SCNDRVP TBRIDGE BIN RegisterDropHandler EXE O - HKCU Run MailWasher C ARCHIV MAILWA MAILWA EXE O - Startup Inicio de Office lnk C Archivos de programa Microsoft Office Office OSA EXE O - Startup B squeda r pida de Microsoft lnk C Archivos de programa Microsoft Office Office FINDFAST EXE O - Startup Adobe Gamma Loader lnk C Archivos de programa Archivos comunes Adobe Calibration Adobe Gamma Loader exe O - Extra context menu item amp Download with amp DAP - C ARCHIV DAP dapextie htm O - Extra context menu item Download amp all with DAP - C ARCHIV DAP dapextie htm O - Extra context menu item amp Google Search - res C ARCHIVOS DE PROGRAMA GOOGLE GOOGLETOOLBAR DLL cmsearch html O - Extra context menu item Cac amp hed Snapshot of Page - res C ARCHIVOS DE PROGRAMA GOOGLE GOOGLETOOLBAR DLL cmcache html O - Extra context menu item Si amp milar Pages ... Read more

A:Please review...

Could you please describe the problems you're experiencing?

Please run an online virus scan at Panda ActiveScan. Save the results and bring them with you in your next post.

http://www.techsupportforum.com/forums/f284/please-review-62943.html