 |  |  |  |  |  |  |  |
Hijack Log/Spyware problem?
 |
I ran adaware/spybot and my home computer is still extremley slow. The internet acts as if it's connected to a 38k modem. My father thought it'd be a good idea to reboot the computer, even though that did nothing. I ran hijack this and this is the system log for it. Is there anything here that i should delete? If this doesn't work what else should i try? I've run a number of virus scans and stuff comes up but it can never be deleted.
Thanks,
Jillian
Logfile of HijackThis v1.98.2
Scan saved at 1:02:53 PM, on 11/27/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update
Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\Soundsyst.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\System32\SystemStats.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Verizon
Online\SupportCenter\bin\mpbtn.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local
Settings\Temp\Temporary Directory 1 for
hijackthis.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http://srch-us6.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Window Title = Microsoft Internet
Explorer provided by Verizon Online
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat
5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio -
{8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit -
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program
Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program
Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Intrenet Explorer]
Soundsyst.exe
O4 - HKLM\..\Run: [vptray]
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [System Stats] SystemStats.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT
Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\RunServices: [Microsoft Intrenet
Explorer] Soundsyst.exe
O4 - HKLM\..\RunServices: [System Stats]
SystemStats.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common
Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe
-cnetwait.odl
O4 - HKCU\..\Run: [System Stats] SystemStats.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program
Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Verizon Online Support Center.lnk
= C:\Program Files\Verizon
Online\SupportCenter\bin\matcli.exe
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O17 -
HKLM\System\CCS\Services\Tcpip\..\{AA498336-F703-4C7F-8246-7A880A53793A}:
NameServer = 151.203.0.84 151.203.0.85
Thanks,
Jillian
Logfile of HijackThis v1.98.2
Scan saved at 1:02:53 PM, on 11/27/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update
Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\Soundsyst.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\System32\SystemStats.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Verizon
Online\SupportCenter\bin\mpbtn.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local
Settings\Temp\Temporary Directory 1 for
hijackthis.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http://srch-us6.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Window Title = Microsoft Internet
Explorer provided by Verizon Online
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat
5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio -
{8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit -
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program
Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program
Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Intrenet Explorer]
Soundsyst.exe
O4 - HKLM\..\Run: [vptray]
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [System Stats] SystemStats.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT
Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\RunServices: [Microsoft Intrenet
Explorer] Soundsyst.exe
O4 - HKLM\..\RunServices: [System Stats]
SystemStats.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common
Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe
-cnetwait.odl
O4 - HKCU\..\Run: [System Stats] SystemStats.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program
Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Verizon Online Support Center.lnk
= C:\Program Files\Verizon
Online\SupportCenter\bin\matcli.exe
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O17 -
HKLM\System\CCS\Services\Tcpip\..\{AA498336-F703-4C7F-8246-7A880A53793A}:
NameServer = 151.203.0.84 151.203.0.85
Can you move hjt to a permenant folder please (i.e. one not in a temp directory). Otherwise any backups may be wiped out.
Then reboot and post a new log, making sure all other windows are closed.
Incidentally are you running all your scans from an administrator account?
Then reboot and post a new log, making sure all other windows are closed.
Incidentally are you running all your scans from an administrator account?
emdevelopments - accessible web design | HiJackThis
Portfolio: Fire Equipment, Conveyors, Tools | Whitworth Spanner | Alarm Installers Bath | Physical Security Solutions | Surveyor | Pine Range | Unique Air Charter | Apollo Tiling in Bridgend
Portfolio: Fire Equipment, Conveyors, Tools | Whitworth Spanner | Alarm Installers Bath | Physical Security Solutions | Surveyor | Pine Range | Unique Air Charter | Apollo Tiling in Bridgend
|
Similar Threads
- Hijack this log (Viruses, Spyware and other Nasties)
- Aurora virus - Hijack log (Viruses, Spyware and other Nasties)
- Possible ISTbar problem - Hijack This log. (Viruses, Spyware and other Nasties)
- Virus/Spyware on computer, Hijack This log file (Viruses, Spyware and other Nasties)
- Hijack This Log, please help (Viruses, Spyware and other Nasties)
- hijack this log (Viruses, Spyware and other Nasties)
- Warning you're in Danger - Spyware Problem (Viruses, Spyware and other Nasties)
- In Desperate Need of Help with hijack this log file; computer full of spyware (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: hijacker.exe help, have no clue what's causing problem and don't want to delete good
- Next Thread: norton antivirus 2002
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista warning windows worm yahoo
