Over 1 million tech questions and answers.

HJT Log - I think I'm clean, just wanted someone to check!

Q: HJT Log - I think I'm clean, just wanted someone to check!

Hey all,

I think my system is clean, but just wanted someone with a bit more knowledge to take a look at my hijackthis log. Thanks!

Logfile of HijackThis v1.98.2
Scan saved at 11:24:50 PM, on 12/13/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
C:\Program Files\Executive Software\Diskeeper\DkService.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\devldr32.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\Ryan Belding\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R3 - Default URLSearchHook is missing
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [StarSkin] C:\PROGRAM FILES\ROCKET DIVISION SOFTWARE\STARSKIN\STARSKIN.EXE -H
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1100112586218
O16 - DPF: {6632A7E9-FE1F-43D2-A04A-A15951ED63E0} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://bhaex.biancohopkins.com/TSWeb/msrdp.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab

RELEVANCY SCORE 200
Preferred Solution: HJT Log - I think I'm clean, just wanted someone to check!

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: HJT Log - I think I'm clean, just wanted someone to check!

Hi rb34799, welcome to TSG.

You can remove these minor entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
R3 - Default URLSearchHook is missing

Check the entries in HJT, and click Fix.

Overall, the log is fine.

Read other 1 answers
RELEVANCY SCORE 74.4

Hello..
I went through and ran ad-aware, spybot, and cwshredder.. I had them fix everything that they found.. I just want to be sure that my HJT log is clean.

Thanks

Logfile of HijackThis v1.99.1
Scan saved at 10:19:23 AM, on 3/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\WINDOWS\system32\rundll32.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Microsoft Money\System\urlm... Read more

A:Just wanted to check if log is clean

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

Read other 6 answers
RELEVANCY SCORE 72.8

This computer still has the occasional unkown popup even after all spyware and adware has been deleted using the programs suggested on this site. Thanks for any help you can give.Logfile of HijackThis v1.99.1Scan saved at 5:30:45 PM, on 1/27/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\PackethSvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\PROGRA~1\NORTON~1\navapw32.exeC:\Program Files\Microsoft Works\WksSb.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\Program Files\Microsoft AntiSpyware\gcasDtServ.exeC:\WINDOWS\wanmpsvc.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\etb\pokapoka79.exeC:\Program... Read more

A:Trying To Clean Up A Computer Just Wanted To Check Hijack Too

Hello compNerd,We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.Click here: http://www.microsoft.com/windowsxp/downloa...p1/default.mspxApply the update, reboot, and post a fresh Hijack This log.

Read other 1 answers
RELEVANCY SCORE 53.2

Hi guys
So I've just started to use my new Windows 7 PC properly. My 6 year old XP machine has been chucked in the cellar, never to be seen again. This new PC has an 80Gb SSD and a 1TB samsung HDD (partitioned into 2). It's main use will be everything but heavy gaming.

What's with restore points? I made a restore point thing straight away, but was wondering things like do I just need 'C' to have protection tured on? and how much space should I allow system restore to use (I upped it to 5Gb but I've no idea what it needs)
I'm also installing Acronis True Image 2010 as this was a lifesaver several years back. Plus Nero and a few other bits, but should I keep these off the SSD?

Any other good tips to keep everything in good shape? Any software you'd swear by?

Thanks for helping

A:New clean PC. Tips wanted (on everything)

  
Quote: Originally Posted by Marmaduck


My 6 year old XP machine has been chucked in the cellar, never to be seen again.


Really? Does it still boot? I'll take it if you don't want it. I bet it'll run Linux just fine.

As far as the other, some pretty good info here:

http://www.sevenforums.com/tutorials/?filter[3]=Installation%20and%20Setup

and here:

http://www.sevenforums.com/tutorials/?filter[2]=Performance%20Maintenance

Read other 1 answers
RELEVANCY SCORE 53.2

Im having no problems at this time,but my home page has been Hijacked a few times.I just wanted to make sure Im Clean. Thank you for your time it is greatly appreciated.



====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.... Read more

A:Hijack this Log Wanted to see if IM clean

Hi rmightymite

The only ons i see are these

Run hijackthis withall browsers closed and put a check next to these
and click fix


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.hpwis.com/

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/22b9ed2...ip/RdxIE601.cab

and post another log


Lobos

Read other 4 answers
RELEVANCY SCORE 53.2

i don't know if i have any problems but when i was going throuugh preparation guide it said to post these results here Logfile of HijackThis v1.99.1Scan saved at 7:01:40 PM, on 5/26/2007Platform: Unknown Windows (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16386)Running processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\hp\support\hpsysdrv.exeC:\Windows\RtHDVCpl.exeC:\Program Files\HP\HP Software Update\hpwuSchd2.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\VistaCodecPack\QT\qttask.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\System\btorrent16.exeC:\Program Files\PowerISO\PWRISOVM.EXEC:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exeC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXEC:\Program Files\uTorren... Read more

A:Wanted Someone To Check This For Me

Go to http://www.virustotal.com/en/indexf.html and upload the following file:C:\Program Files\Common Files\System\btorrent16.exePost the result of it here.

Read other 3 answers
RELEVANCY SCORE 53.2

yea, i just wanted someone with some computer expierence to check out my log file or w/e and see if they see any thing suspicious.Logfile of HijackThis v1.99.1Scan saved at 8:30:38 AM, on 7/10/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\arservice.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exeC:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exeC:\WINDOWS\system3... Read more

A:Just Wanted Someone To Check Out My Pc

Hello there and welcome to BleepingComputer. My name is Charles and I will be dealing with your log.
I apologise for the delay in getting to you. As you may be able to see, our HijackThis Team is very busy at the moment; we try to deal with logs in a first-come-first-served basis, and I'm afraid that your topic may have been overlooked. If you are still having problems please post a brand new HijackThis log as a reply to this topic and I'll take a look at it for you.
Thanks,
Charles

Read other 2 answers
RELEVANCY SCORE 53.2

Hi all I have just registered and would like to know if i have any problems with my pc.
have attatched log file
Thanks in advance
Ckrisrok
Logfile of HijackThis v1.99.1
Scan saved at 22:35:27, on 08/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\... Read more

A:just wanted to check

I guess i dont have any thing to worry about,or someone would have posted a reply...??

Read other 4 answers
RELEVANCY SCORE 53.2

hello,

I was looking at AVG test result last night and it told me that I have a VIRUS called ISTBAR. I have tried to purged it by ad-aware and AVG but i just wanted to make sure if it is actually gone. CAn someone please take a look at my hijack and confirm for me if it is gone or not..

thnx,
tomea

Logfile of HijackThis v1.98.2
Scan saved at 1:55:04 AM, on 1/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userini... Read more

A:just wanted someone to check this for me

http://sarc.com/avcenter/venc/data/adware.istbar.html

This is a removal tool for it
 

Read other 2 answers
RELEVANCY SCORE 52.4

I have two questions actually...

1. My computer freezes whenever I use my AOL 8.0 through the dial-up modem. As soon as I sign off, it will freeze. I tried uninstalling it and reinstalling AOL 8 thinking it was just a basic application error. But now when it goes through the processes of setting it up, it freezes whenever it gets to the automatic internet connection wizard thing. But I know my settings pretty well, and went into expert setup and set it up for a TSP/ IP LAN connection since I have a Cable modem. But when I do sign on a window pops up where the buddy list should be saying 'AOL has detected an error with your connection to the Internet. Please exit the AOL software, restart your computer, and then sign on again." Which I have a handful of times, but didnt fix the problem. I cant access the internet nor my buddy list through AOL.

2. I have a partitioned 120 GB hard drive. On one drive I keep all my computer files and program files. And on the other half I keep all my MP3s, Movies, and Pictures. I was told its best to do this in case I have to clean my OS off and reinstall everything my music and movies wouldnt get lost. I want to clean out my hard drive that has all the OS and the computer files on it because I get a lot of random junk pop-ups online and cant seem to get rid of them. If I completely reinstall a clean slate XP will I loose whats on the other half of the partitioned hard drive? And is this the best way to get rid of all the junk on my ... Read more

Read other answers
RELEVANCY SCORE 52.4

I have made a digital recording of a meeting at work with everyones permission but it has not come out as clear as I expected, would anybody be able to help me either to clean it up so that it is not so fuzzy or point me in the direction of some free software that may be of help.

Many Thanks

Lockeyp
 

Read other answers
RELEVANCY SCORE 52.4

So this morining I guess I picked up some kind of malware. I started getting all kinds of pop ups and my some sites would not open. I ran mawarebytes anti malware and it removed about 16 items. I also ran AVG which found a few things. The system seems to be ok now but I am posting my HI JACK this log if anyone can look it over. I want to know if I am clean or not...Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:00 AM, on 5/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common

Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA... Read more

A:Hi Jack this log. I ran some fixes but wanted to see if I am clean now.

Please do not create multiple threads for the same problem.
Continue here: http://forums.techguy.org/malware-removal-hijackthis-logs/823740-hi-jack-log-i-ran.html
 

Read other 1 answers
RELEVANCY SCORE 52.4

Logfile of HijackThis v1.99.0Scan saved at 7:54:40 PM, on 2/13/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\System32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\System32\CTsvcCDA.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exeC:\PROGRA~1\Iomega\System32\AppServices.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\MsPMSPSv.exeC:\Program Files\Iomega\AutoDisk\ADService.exeC:\WINDOWS\System32\cidaemon.exeC:\WINDOWS\System32\cidaemon.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\BCMSMMSG.exeC:\WINDOWS\System32\DSentry.exeC:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exeC:\Program Files\Common Files\Dell\EUSW\Support.exeC:\SCANJET\PrecisionScanLT\hppwrsav.exeC:\Program Files\Iomega\AutoDisk\ADUserMon.exeC:\Program Files\Iomega... Read more

A:Just wanted a check up. atapp HJT log

Show hidden fileshttp://www.short-media.com/forum/showpost....588&postcount=3Place a checkmark next to these entries, close all browsers and windows, and have HijackThis fix them by clicking Fix Checked: R3 - Default URLSearchHook is missingO2 - BHO: (no name) - {DC514A67-FBD5-F401-D913-8C1DF663449F} - C:\WINDOWS\system32\ohyftmb.dllO4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Anthony\Application Data\eetu.exeO4 - HKCU\..\Run: [Rnd] C:\WINDOWS\system32\??ool32.exeReboot your computer into Safe ModeThen delete these files or directories (Do not be concerned if they do not exist):C:\WINDOWS\system32\ohyftmb.dllC:\Documents and Settings\Anthony\Application Data\eetu.exeReboot back to normal mode.Launch Notepad, and copy/paste the box below into a new text file. Save it as FindFile.bat and save it on your Desktop.dir C:\WINDOWS\system32\??ool32.exe /a h > files.txtnotepad files.txtLocate FindFile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Please post the text here. And please post a new hijackthis log.

Read other 1 answers
RELEVANCY SCORE 52.4

HeyI just wanted an expert like you guys to look over my HiJackthis scan before I did a full backup of my hard drive. I really appreciate it!--------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:45:17 AM, on 4/11/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ProcessGuard\dcsuserprot.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\WINDOWS\system32\igfxtray.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\ProcessGuard\pgaccount.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Proce... Read more

A:Wanted A Check Before I Backed Up My Hd

Nothing wrong here at all, clean log!!

Read other 3 answers
RELEVANCY SCORE 52

Here's my hijackthis log:

Logfile of HijackThis v1.96.1
Scan saved at 9:02:53 PM, on 17/08/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\HPQ\ONE-TO~1\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\WLANSTA.EXE
C:\Program Files\Messenger Plus! 2\MsgPlus.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinAce\WinAce.exe
C:\Documents and Settings\Owner\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4nb.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://src... Read more

A:hijackthis log - i'm new, and i just wanted to make sure my computer's clean :)

Ricky
Welcome to TSG!
I see nothing suspicious in your log. Are you having a problem?

Dave
 

Read other 2 answers
RELEVANCY SCORE 52

I ran Microsoft Security Essentials on Windows 7.
 
It found and removed
Trojan:Win32/Nebuler.K
Exploit:Win32/Pdfjsc.MZ
Trojan:Win32/Dynamer!dtc
Exploit:Java/CVE-2010-0840
Exploit:Java/CVE-2009-3867
Exploit:Java/Midesq.A
Exploit:Java/CVE-2010-0842
Exploit:Java/CVE-2008-5353
 
I ran Malwarebytes Anti-Rootkit and it found
HKCU\SOFTWARE\Antimalware Doctor Inc (Rogue.AntimalwareDoctor)
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSSMSGS (Backdoor.Bot)
 
guess I was just wondering what else I could do to get cleaned up.
 
I also get "There was a problem starting winlkv32.rom The specified module could not be found" popup on startup

A:Just wanted to make sure my computer was clean, any advice?

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 1 answers
RELEVANCY SCORE 52

I'm looking for a free utility that does the following: Let's say you have a C drive that's at 95% capacity and you've deleted all the obvious stuff. You go to the "user name" folder and check properties to find that it's the offending folder using 80% of the drive space. BUT, on inspection of each individual folder, each folder only adds up to a much smaller number compared to the top level folder, let's say 60%. Where's the remaining 20% of the data sitting? Maybe I missed a folder, but tedious to do this manually and get it right.

There has to be an app that scans a drive cataloging every folder and tallying up the space usage of each folder down to the bottom level, then displays the results starting with the biggest space hog folder on top and indicating the space used in GB. This would allow you to immediately target the offending folder (and files) no matter how deep it's nested.

Ever heard of such a thing?

Thanks for considering my problem!
 

A:Solved: WANTED: disk clean-up utility

Read other 7 answers
RELEVANCY SCORE 51.2

Hi, new on here, wondered if someone can help?

I have read through many of the threads on here and they have been very helpful - hopefully I've sorted my issue out, but just wanted to run it by someone who knows what they are talking about i.e. not me!!

I have an HTPC that I put together myself about 18 months ago - all has worked fine, I've had the odd BSOD but not enough to worry about -maybe I should of in hindsight.

I have a few HDDs for storage and an SSD split in two partitions; 50GB for the OS and the remaining 163GB for TV recordings etc...

We experienced a BSOD during the day yesterday whilst watching normal TV and then whilst watching Jack Reacher last night (backed up Blu-Ray) the HTPC crashed - it was as if we had had a power cut, no BSOD etc... it turned itself on and attempted to reboot, but everytime it went past the Windows logo it had a BSOD.

There were various codes that I noted, mostly; ataport.sys, msahci.sys or win32.sys and they happened on every reboot, whether in safe mode, normal or trying to access the windows repair tool. Eventually I got into the repair tool and ran a memory test - no issues and disk checks - no issue on the OS partition but there were issues on the Recorded TV partition. All other hard drives and DVD drive had been disconnected by this point.

Still no luck in booting up, so I disconnected the SSD and connected it to a different PC and ran a malwarebytes scan, to which it found nothing.

I formatted the recorded TV par... Read more

A:Constant BSOD - hopefully solved, just wanted to check

Please follow steps outlined here to get BSOD help:

http://www.sevenforums.com/crashes-d...tructions.html

Read other 4 answers
RELEVANCY SCORE 51.2

I wanted to check out the programs that come with Java SDK but when I try to run them DOS comes up with an error. How do people write programs that don't use DOS?!?
 

Read other answers
RELEVANCY SCORE 50.8

Hi
I am new here. I was surfing and this forum came up in the search results.

I have started using gmail but miss the automatic spell and grammar check of MS Outlook.

I'm curious to know whether people like gmail. I have got used to not capitalizing i when i type and i think i need a grammar check to do that. Are there any free grammar and or spelling checkers that anyone could recommend?

Thanks
gerri
 

A:wanted - free spell and grammar check for gmail

Read other 16 answers
RELEVANCY SCORE 49.6

Hello Everyone!

I was checking my grandmother's computer, which was unbearably slow. She hadn't run her virus scan in about 2 years... (-_-) so I figured that was the problem (since she didn't download much of anything).

Guess as it turns out, some other grandkids had been noodling around on MSN and clicked an exe file or something, because suddenly the scanner came up with several alerts to the TR/Crypt.CFI.Gen. Deleted it via the virus scan, but I did some extra searching and I found a post in your forums saying to use HijackThis to double check if the components were uninstalled or not.

I ran HijackThis and it came up with a log I don't understand. Not to mention when I clicked the SendLog button it told me to send it to this forum.

I was wondering, am I in the clear now? (Or is it still hiding?)

A:HijackThis Scan Info, Wanted to double check I cleaned out a trojan.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 45.6

Where can i learn which firewall to select as an install software and what its features are doing.

Companies have reviews and rankings but i don't see a place to learn what each feature is providing me so i can't find satisfaction and safety after the install.

I'll still lack piece of mind. Even if i install something to protect me from my fears, if i don't know it i still can't sleep at night. Even if safe.

I'd like to protect my files. If there is an intrusion and files leave my computer though a browser add on or other means I'd like for whats stolen to be encrypted. I think a listening port is a port that allows incoming and out going traffic on my computer. I'd like any files encrypted.
When adding a browser add on or updating a software i want protection from an employee of say Java or Adobe. If they steal my files or file names I'd like all out going files to be encrypted automatically.

Browser add ons seem to be an easy way to target people. Anyone who can create something cool probably has the smarts to be malicious. I was down to adblock plus then netflix party was released. Now I'm exposed again. Create a url, send it to friends, watch what you are watching with those that follow the url and you can enjoy a chat box with them. Now I'm exposed to the developer and their agenda.

Read other answers
RELEVANCY SCORE 44

Need to check if PC is clean !

Had numerous Trojans-Malware on PC-stolen passwords!
Ok here we go! Last two weeks someone or something was logging into my Hosting companies server with my password and sending out a lot of spam. On two occasions they sent out 300 emails using a a script "phishing my email address". With Hosting companies help we narrowed it down that they where logging in from a remote location through web-mail "85% sure". After first incident I changed all my passwords and a week later it happen again. So this pointed to my PC being compromised. Please note my PC was running very smoothly and still is through all this,

Ok so I ran numerous scans using the following software...As different software found different thing....

Malewarbytes
CCleaner
Spyboy
Adware-lavasoft
Emsis
Rootkitbuster
AVG-Av-Rootkit-spyware

Here are some of the things found "software says it cleaned successful"

trojankill.av......"personally I think this was the culprit"
win32.autorun.tmp
trojan.win32.agent.abzlz
Win32.SuspectCrc!IK
A0079970.exe Trojan.Trash!IK
trojan horse.dropper.agent.ONV
Ok thats most of them might be more in logs....Anyways I come here to ask for more help checking if system is definitely clean or I am going to reformat. I cant afford anyone to take down my websites on hosting....

Thanks for any help

WINXP PRO Service Pack 3
AVG free version
Sygate Personnal Free "just installed it today"... Read more

A:Need to check if PC is clean !

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 44

Before I hook this PC up to the web, can someone look at the HJT log and let me know if anything is wrong. I don't think it had any AV or spyware running on it. If it did it was limited. This is a used PC that I got and I would hate to format it if I don't have to. (Still has a lot of useful programs) It runs slow so I'm sure something is lurking there.
Thanks,



Logfile of HijackThis v1.99.1
Scan saved at 1:00:43 AM, on 3/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Atiptaxx.exe
C:\Program Files\Microsoft Office\Office\Osa.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcy/d...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/sbcy/d.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isp.com
R1 - HKLM\Software\Microsoft\... Read more

A:Used PC, Want to clean and re-use, please check HJT log

It looks good. If you want us to take a deeper look do the following also:

Download StartDreck http://www.greyknight17.com/spy/StartDreck.zip

Unzip to its own folder and start the program:
Press 'Config'
Press 'mark all'

Uncheck the following boxes only:
System/Running Process -> List Modules
System/Drivers -> NT Services
System/Drivers -> NT Kernel- and FS-drivers
Press 'OK'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread.

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro http://uk.trendmicro-europe.com/ente...all_launch.php. Just follow the instructions on the site to run the online scan. If any viruses/trojans are detected, try to delete or clean them in that site. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.

Regarding the antivirus program you should also get a firewall:

You don't seem to have an antivirus program installed. Please download a free one at Grisoft http://free.grisoft.com/freeweb.php. Install it and make sure to check for updates.

You don't seem to have a firewall program installed. Using a firewall will allow you to give/deny access for applications that want to go online. Please download a free one at ZoneAlarm http://www.zonelabs.com.

Read other 2 answers
RELEVANCY SCORE 44

Ref this threadhttp://www.bleepingcomputer.com/forums/t/278164/infected-by-a-trojan/ComboFix 09-12-11.01 - user 12/12/2009 9:58.1.1 - x86Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.407 [GMT 10:00]Running from: c:\documents and settings\user\Desktop\ComboFix.exeAV: avast! antivirus 4.8.1368 [VPS 091210-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall Plus *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}SP: Windows Defender *disabled* (Outdated) {FDFE477F-8FE7-4B17-A05C-9D1F9EB603CB}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).C:\install.exec:\windows\Downloaded Program Files\Quarantinec:\windows\is-8B45G.exec:\windows\patch.exec:\windows\system32\lowsecc:\windows\system32\lowsec\local.dsc:\windows\system32\lowsec\user.dsc:\windows\system32\ntSVc.ocxc:\windows\system32\sdra64.exec:\windows\system32\twain_32.dllc:\windows\twain_16.dll.((((((((((((((((((((((((( Files Created from 2009-11-12 to 2009-12-12 ))))))))))))))))))))))))))))))).2009-12-11 23:39 . 2009-12-11 23:42 -------- d-----w- c:\documents and settings\All Users\Application Data\SITEguard2009-12-11 23:38 . 2009-12-11 23:39 -------- d-----w- c:\program files\STOPzilla!2009-12-11 23:38 . 2009-12-11 23:38 -------- d-----w- c:\program files\Common Files\iS32009-12-11 23:3... Read more

A:I think i am clean now but can you check my log please

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

Read other 24 answers
RELEVANCY SCORE 44

.....I had a few infections and tried to sort them out myself. Just want to make sure its all ok.Logfile of HijackThis v1.99.1Scan saved at 09:25:18, on 03/02/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\CTHELPER.EXEC:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exeC:\WINDOWS\System32\LVCOMSX.EXEC:\Program Files\Logitech\Video\LogiTray.exeC:\Program Files\Java\jre1.5.0_09\bin\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\PeerGuardian2\pg2.exeC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\PROGRA~1\MICROS~3\rapimgr.exeC:\Program Files\Logitech\Video\FxSvr2.exeC:\PRO... Read more

A:Could Somebody Just Check To See If This Is Clean.......

Welcome vodkaparrot Download\install CleanUp.Launch CleanUp,then click on 'Options'.Now move the slider on the left up to 'Standard Cleanup!'.Click 'Ok',now run the program by clicking on the 'Cleanup' button.Reboot,or log off/log on when it's finished.Please download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.You should copy/print the following because you need to be in Safe Mode from here on.Reboot your computer into SAFE MODE" using the F8 method. To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".Scan with DrWeb-CureIt as follows:* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.* Once the short scan has finished, Click Options > Change settings* Choose the "Scan tab" and UNcheck "Heuristic analysis"* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)* Then click the "Start/Stop Scanning"... Read more

Read other 4 answers
RELEVANCY SCORE 44

As advised a other coaches, here is the final log of a virus infection I removed. Please let me know if it is clean Thanks guys!Log files:Main:Deckard's System Scanner v20071014.68Run by Andy Chan on 2008-08-09 21:56:38Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore ---------------------------------------------------------------- Last 5 Restore Point(s) --28: 2008-08-10 01:47:05 UTC - RP807 - Deckard's System Scanner Restore Point27: 2008-08-09 18:11:21 UTC - RP806 - System Checkpoint26: 2008-08-08 13:14:04 UTC - RP805 - Software Distribution Service 3.025: 2008-08-07 16:30:58 UTC - RP804 - System Checkpoint24: 2008-08-06 13:37:31 UTC - RP803 - Software Distribution Service 3.0-- First Restore Point --1: 2008-07-16 13:37:03 UTC - RP780 - Software Distribution Service 3.0Backed up registry hives.Performed disk cleanup.System Drive C: has 5.8 GiB (less than 15%) free.-- HijackThis (run as Andy Chan.exe) -------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:02:52 PM, on 09/08/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\... Read more

A:Please Check Whether The Log Is Clean

Hello aommaster,I apologise for the delay, the forum is busy.Using Windows Explore by right-clicking the Start button and left clicking Explore navigate to and find the following Folder:C:\PROGRAM FILES\TRENDMICRO\HIJACKTHISRight-click to create a shortcut on your desktop.----------------------------------------------Disable Windows Defender until the computer is cleanWindows Defender normally provides real-time protection from spyware, however it may interfere with what we need to do. We will disable it until the machine is clean when it can be re-enabled.Open Windows DefenderSelect Tools and then General SettingsUnder Real Time Protection Options uncheck Turn on real-time protectionSelect SaveDon't forget to re-enable it, when your computer is clean.----------------------------------------------Please visit this webpage for instructions for downloading ComboFix at your DESKTOP:http://www.bleepingcomputer.com/combofix/how-to-use-combofixA word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday usePlease ensure you read this guide carefully and install the Recovery Console first.Additional links to download the tool:http://download.bleepingcomputer.com/sUBs/ComboFix.exehttp://www.forospyware.com/sUBs/ComboFix.exehttp://subs.geekstogo.com/ComboFix.exeNote: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a ... Read more

Read other 16 answers
RELEVANCY SCORE 44

Hello,
At this time wile i see some pictures in google chrome this detection from Avast shown URL: i dont remember what i just close the panel...
What type scan can i do to see if i am infected?

A:Am i clean??? how can i check for sure??

Happened again! URL: http://sites.securepaynet.net/redirect_0.html
                            Infection: URL:Mal
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Read other 3 answers
RELEVANCY SCORE 44

My apologies if this is deemed a repost, but I had originally posted my HJT where I wasn't supposed to, so I edited it out.I have a Dell 700m running XP SP3 and using IE7. AVG FREE V8.5, recently loaded AdAware, and have semi-regularly scanned with SpyBot but apparently not often enough.I was experiencing slow start ups at first, but things progressed to semi-freezing EI windows on about:blank), and eventualy redirected search links when I clicked on them. This over a span of several weeks, with the serious hijacking starting about a week ago. I fought as best I could, but wasn't getting anywhere fast enough for me, so I weighed the option of reformatting or seeking more professional help. I ended getting some help from our IT guy at work. He found and resolved most of my trouuble, but I still had concerns since I was seeing a brief jump to about:blank before my homepage loaded. I did some digging online, and found removal instructions. I did it the "hard way" instread of buying a "removal tool" and thought I was succesful since everything is running well again... until I changed the "new tab" setting in IE7 to open my homepage instead of a blank page. Now it's back? I'm seeing another brief jump to about:blank in the lower left corner of the window before my homepage opens.Q1: Is the about:blank thing a side effect of tabbed browsing in IE instead of hijacking software like several websites indicate?Q2: What other issues might I have that I/we m... Read more

A:I think it's clean, but can someone check it for me?

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.-----------------------------------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, ... Read more

Read other 13 answers
RELEVANCY SCORE 44

Logfile of HijackThis v1.99.1
Scan saved at 11:24:58 AM, on 1/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
D:\Program Files\Creative\Fatal1ty 1010 Mouse\CTPoint.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Docume... Read more

A:Is It Clean? Check My Log Please!

Clean
 

Read other 1 answers
RELEVANCY SCORE 44

My hdd light has been on more then usual lately and my hdd and motherboard are alittle hot so something maybe using them... thanks for your time..

Deckard's System Scanner v20070426.43
Run by HP_Owner on 2007-04-30 at 17:26:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
7: 2007-04-29 22:51:12 UTC - RP48 - Scheduled Checkpoint
6: 2007-04-25 00:42:19 UTC - RP47 - Windows Update
5: 2007-04-24 03:04:44 UTC - RP46 - Installed AVG 7.5
4: 2007-04-24 02:42:36 UTC - RP45 - Installed AVG 7.5
3: 2007-04-24 02:41:42 UTC - RP44 - Removed AVG 7.5


-- First Restore Point --
1: 2007-04-23 02:12:35 UTC - RP42 - Scheduled Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as HP_Owner.exe) --------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 5:27:54 PM, on 4/30/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisof... Read more

A:clean check

bump, its been like 29 hours?

Read other 5 answers
RELEVANCY SCORE 44

I found spyware and removed. I still cannot upload files to my email and IE is still slow. I want to make sure that I removed all of it. Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:39 AM, on 1/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Syman... Read more

A:I think I'm Clean. Can you please check.

It all looks fine on the surface but what lurks below is anybodies guess...


First off please download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt to here.
Please attach extra.txt to your post.
To attach a file to a new post, simply Click the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:
C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do:
Create a new System Restore point in Windows XP and Vista.
Clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

Read other 4 answers
RELEVANCY SCORE 44

You guys have done a great job in fixing my computer and wanted to check to see if everything is clean. here is my Hjt:Logfile of HijackThis v1.99.1Scan saved at 6:19:04 PM, on 03/18/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\crypserv.exeC:\PROGRA~1\Iomega\System32\AppServices.exeC:\WINDOWS\system32\drivers\KodakCCS.exeC:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\ScsiAccess.EXEC:\WINDOWS\System32\tcpsvcs.exeC:\Program Files\Commo... Read more

A:Can you please check if my pc is clean

Fix this :

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
but otherwise good

Read other 1 answers
RELEVANCY SCORE 44

Logfile of HijackThis v1.99.1Scan saved at 22:07:51, on 06/05/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\CTHELPER.EXEC:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exeC:\WINDOWS\System32\LVCOMSX.EXEC:\Program Files\Logitech\Video\LogiTray.exeC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\Program Files\PeerGuardian2\pg2.exeC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\PROGRA~1\MICROS~3\rapimgr.exeC:\Program Files\Logitech\Video\FxSvr2.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1 ... Read more

A:Could Somebody Just Check To See This Is Clean Please!

Hello,

Check and fix next orphaned entry in HijackThis:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

The rest looks clean

Read other 4 answers
RELEVANCY SCORE 44

My computer has been very slow ever since I installed aol and aol's software keeps telling me I have keyloggers when it does it's spyware scan. I have used their software to scan and block it but I'm wondering what else is in there as I references to files that have no names...etc
Thanks so much for the offer to help, Diana

Logfile of HijackThis v1.99.1
Scan saved at 9:50:39 PM, on 9/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda TruPrevent Personal 2005\psimsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AOLCOM~2\ACCAgnt.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Common Files\Aol... Read more

A:Can someone check my log and help clean it up?

I'm pretty sure that keylogger AOL Spyware Protection finds is a false positive.

Click here to download the trial version of Ewido Security Suite:
http://www.ewido.net/en/download/

Install Ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido.
It will prompt you to update click the OK button and it will go to the main screen.
On the left side of the main screen click update.
Click on Start and let it update.
DO NOT run a scan yet.

Restart your computer into Safe Mode now.
(Start tapping the F8 key at Startup, before the Windows logo screen).
Perform the following steps in Safe Mode:

* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK.
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop.

Reboot.

Post a new Hijack This log and the results of the Ewido scan.
 

Read other 1 answers
RELEVANCY SCORE 44

Hey everyone, like it says, I can't open my task manager

heres meh HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 2:59:11 PM, on 7/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PELMICED.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\p2pnetworking.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Shaun\My Documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDO... Read more

A:Could someone check my HT log, see if its clean?

Read other 8 answers
RELEVANCY SCORE 44

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:17:43, on 19/01/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Common Files\aol\1185852480\ee\aolsoftware.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Picasa2\PicasaMediaDetector.exeC:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\rundll32.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exeC:\Progr... Read more

A:Need check log if clean

Hello bananaskinsorry for the delay your logs are looking clean Please do an online scan with Kaspersky WebScannerClick on Accept ButtonYou will be promted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:Once the files have been downloaded click on NEXT
Now click on Scan SettingsIn the scan settings make that the following are selected:Scan using the following Anti-Virus database:Extended (if available otherwise Standard)
Scan Options:Scan Archives
Scan Mail BasesClick OKNow under select a target to scan:Select My ComputerThis will program will start and scan your system.The scan will take a while so be patient and let it run.Once the scan is complete it will display if your system has been infected.Now click on the Save as Text button:Save the file to your desktop.Copy and paste that information in your next post.

Read other 6 answers
RELEVANCY SCORE 44

Hello everyone,

I cleaned up a friends pc with ur help, thought u could check the HT log 4 my own pc to make sure spybot & ad-aware missed nothing.

Logfile of HijackThis v1.96.4
Scan saved at 04:01:18, on 16/09/03
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\CNXDSLTB.EXE
C:\PROGRAM FILES\D-TOOLS\DAEMON.EXE
C:\WINDOWS\SYSTEM\HFFSRV.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZAPRO.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.superwebsearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.superwebsearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.superwebsearch.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.superwebsearch.com/ie/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.superwebsearch.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet... Read more

A:tell me im clean - HT log check

Read other 12 answers
RELEVANCY SCORE 44

I just want to know if there's anything that stands out in this log.Logfile of HijackThis v1.99.1Scan saved at 12:20:24 AM, on 4/22/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\mcshield.exeC:\Program Files\Network Associates\VirusScan\vstskmgr.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\BCMSMMSG.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Dell\AccessDirect\dadapp.exeC:\Program Files\Dell\QuickSet\quickset.exeC:\Program Files\Del... Read more

A:Just To Check If It's Clean

Hello,

I can't see anything suspicious here.

Read other 2 answers
RELEVANCY SCORE 44

well here you are you wonderful talented people that can make something of these logs. I just wanted to do a routine check to see that my computer is running fine. I thought I'd do a HJT scan and just do a little bit of spring cleaning. here's the log, hope it's alright.

Logfile of HijackThis v1.99.1
Scan saved at 1:13:36 PM, on 09/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Hijack this\HijackThis.exe

O2 - BHO:... Read more

A:please check my HJT log, not sure if it's clean

http://www.liutilities.com/products/wintaskspro/processlibrary/jusched/

Don't see any tools - Log is fine

Get all of these and/or verify you have the current versions

SpywareBlaster 3.5.1 http://majorgeeks.com/download2859.html
SpyBot V1.4 http://www.majorgeeks.com/download2471.html
AdAware SE 1.06 http://www.majorgeeks.com/download506.html
MS Windows Defender - http://www.microsoft.com/downloads/...E7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en (XP and W2K only)

DownLoad them (they are free), install them, check each for their
definition updates and then run AdAware, MS AntiSpy (W2k/XP) and Spybot, fixing anything they say.

In SpywareBlaster - Always enable all protection after updates
In SpyBot - After an update run immunize

Check for updates and run weekly
 

Read other 2 answers
RELEVANCY SCORE 44

Hello all,I had a problem where all links from google linked to a website called copy-book or something of the sort which the redirected me to spam websites.This would only happen 2/3 times and it was manageable but i thought id better make sure because i don't want it spreading over the network or getting any worse (plus this is my new laptop, my pride and joy)I followed the instructions and downloaded ad aware, spybot updated zone alarm and followed the pre hijack list programs and they all picked up things my AVG Anti Virus didnt and they were all deleted and so far it seems to work but i just want to make sure that im completely clean. This is my Hijack this Log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:00:36 PM, on 16/11/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Apoint2K\Apoint.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\... Read more

A:I think its clean I just need to check

Hi,

There is still some trace of malware on this PC. Sorry about the wait, we?re very busy. If you still need help please post a fresh HiJackThis log and I will review it.

jedi

Read other 1 answers
RELEVANCY SCORE 44

Hello,
At this time wile i see some pictures in google chrome this detection from Avast shown URL: i dont remember what i just close the panel...
What type scan can i do to see if i am infected?

A:Am i clean??? how can i check for sure??

Well George let's do these...MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.TDSSKillerDownload TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.AdwCleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 use... Read more

Read other 10 answers
RELEVANCY SCORE 43.6

Logfile of HijackThis v1.99.1
Scan saved at 18:46:20, on 19/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Billionton\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Billionton\Bluetooth Software\BTTray.exe
C:\Program Files\Billionton\Bluetooth Software\BTStackServer.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinAce\WinAce.exe
C:\DOCUME~1\Mats2\LOCALS~1\Temp\~AceTemp\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...k/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://broadband.blueyonder.co.uk/
R1 - HKLM\Software\Microsoft\Internet... Read more

A:Quick check to see if i'm clean pls.

Anyone had a chance to look? everything seems ok but just removed spyware and was wondering if it has all gone. A quick check would be appreciated.

Many thanks
 

Read other 2 answers
RELEVANCY SCORE 43.6

Hoping someone can just have a look over to see if I am still clean..?Thanks a heap guys!Logfile of HijackThis v1.99.1Scan saved at 11:05:23 AM, on 21/10/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton AntiVirus\IWP\NPFMntor.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Norton AntiVirus\SAVScan.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program File... Read more

A:Hoping Someone Can Check If I Am Clean...?

YepGet all of these and/or verify you have the current versionsSpywareBlaster 3.5.1 http://majorgeeks.com/download2859.htmlSpyBot V1.4 http://www.majorgeeks.com/download2471.html AdAware SE 1.06 http://www.majorgeeks.com/download506.html MS Windows Defender - http://www.microsoft.com/downloads/details...;displaylang=en (XP and W2K only)DownLoad them (they are free), install them, check each for their definition updates and then run AdAware, MS Defender (W2k/XP) and Spybot, fixing anything they say.In SpywareBlaster - Always enable all protection after updatesIn SpyBot - After an update run immunize Check for updates and run weekly

Read other 2 answers
RELEVANCY SCORE 43.6

I've done all the spybot, adaware, virus checks etc and they all show clear now but I'm suspicious of a couple of things that show as running - hjt log below (I had some unwanted things install themselves and want to avoid them coming back)

Logfile of HijackThis v1.98.2
Scan saved at 19:19:37, on 19/10/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\POPROXY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\ALZEGNNF.EXE
C:\PROGRAM FILES\SECRETMAKER\SECRETMAKER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - C:\PROGRA~1\SECRET~1\SMIEHLP.DLL
O2 - BHO: Google Toolbar Helper -... Read more

A:Please check if clean (I suspect not)

Read other 16 answers
RELEVANCY SCORE 43.6

Got spywares etc in my comp but im sure I cleaned it all already. Can someone verify it?
HiJack Log:

ogfile of HijackThis v1.98.0
Scan saved at 6:37:39 PM, on 9/17/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\gearsec.exe
C:\WINNT\system32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\WINNT\Mixer.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Winad Client\Winad.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\Winad Client\WinClt.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\SpywareGuard\sgbhp.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\WINNT\system32\svchost.exe
E:\Program Files\Netscape\Communicator\Program\AIM\aim.exe
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\PROGRA~1\mcafe... Read more

A:Check if Clean(Hijack log)please!

Read other 7 answers