944,198 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > Hijack Log/Spyware problem?
Ad:
Permalink
Nov 27th, 2004
0

Hijack Log/Spyware problem?

Expand Post »
I ran adaware/spybot and my home computer is still extremley slow. The internet acts as if it's connected to a 38k modem. My father thought it'd be a good idea to reboot the computer, even though that did nothing. I ran hijack this and this is the system log for it. Is there anything here that i should delete? If this doesn't work what else should i try? I've run a number of virus scans and stuff comes up but it can never be deleted.
Thanks,
Jillian



Logfile of HijackThis v1.98.2
Scan saved at 1:02:53 PM, on 11/27/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update
Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\Soundsyst.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\System32\SystemStats.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Verizon
Online\SupportCenter\bin\mpbtn.exe
C:\Program Files\GIANT Company Software\GIANT
AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local
Settings\Temp\Temporary Directory 1 for
hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
http://srch-us6.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Window Title = Microsoft Internet
Explorer provided by Verizon Online
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat
5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio -
{8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit -
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CamMonitor] c:\Program
Files\Hewlett-Packard\Digital
Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program
Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Intrenet Explorer]
Soundsyst.exe
O4 - HKLM\..\Run: [vptray]
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [System Stats] SystemStats.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\GIANT
Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\RunServices: [Microsoft Intrenet
Explorer] Soundsyst.exe
O4 - HKLM\..\RunServices: [System Stats]
SystemStats.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program
Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common
Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe
-cnetwait.odl
O4 - HKCU\..\Run: [System Stats] SystemStats.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program
Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Verizon Online Support Center.lnk
= C:\Program Files\Verizon
Online\SupportCenter\bin\matcli.exe
O9 - Extra button: AIM -
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O17 -
HKLM\System\CCS\Services\Tcpip\..\{AA498336-F703-4C7F-8246-7A880A53793A}:
NameServer = 151.203.0.84 151.203.0.85
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
Jwilson1 is offline Offline
1 posts
since Nov 2004
Permalink
Nov 27th, 2004
0

Re: Hijack Log/Spyware problem?

Can you move hjt to a permenant folder please (i.e. one not in a temp directory). Otherwise any backups may be wiped out.
Then reboot and post a new log, making sure all other windows are closed.

Incidentally are you running all your scans from an administrator account?
Reputation Points: 54
Solved Threads: 20
Master Poster
DaveSW is offline Offline
765 posts
since Jul 2004

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: hijacker.exe help, have no clue what's causing problem and don't want to delete good
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: norton antivirus 2002





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC