Over 1 million tech questions and answers.

Checkup / Diagnostics

Q: Checkup / Diagnostics

I have been having some minor issues with Windows XP lately, and would like to ask if anyone knows of any good checkup/diagnostics/tuneup software that can locate and repair problems within Windows XP? Thanks

RELEVANCY SCORE 200
Preferred Solution: Checkup / Diagnostics

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Checkup / Diagnostics

Read other 8 answers
RELEVANCY SCORE 35.6

Just dropping by the check on my other computer.Logfile of HijackThis v1.99.1Scan saved at 12:39:27 AM, on 5/27/2038Platform: Windows 2000 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\WBEM\WinMgmt.exeC:\WINDOWS\Explorer.exeC:\Documents and Settings\House2\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htmR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon OnlineR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet S... Read more

A:Just a Checkup

Hi,Close all your running programs. Run Hijackthis and place a check next to the following.R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.begin2search.com/sidesearch.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htmR3 - Default URLSearchHook is missingO2 - BHO: (no name) - SOFTWARE - (no file)O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exeO4 - HKCU\..\Run: [Ptwc] C:\Documents and Settings\David Heinecke\Application Data\lloe.exeO8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm47533close all your internet explorer windows and click fix in hijackthis. Now locate the following files and delete themFiles:c:\installer\id53.exeC:\Documents and Settings\David Heinecke\Application Data\lloe.exeNow Download the following Anti-Spy , Cleanup!, CWshre... Read more

Read other 3 answers
RELEVANCY SCORE 35.6

Logfile of HijackThis v1.99.1Scan saved at 20:14:10, on 19/01/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\system32\spoolsv.exeC:\Acer\eManager\anbmServ.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\acer\epm\epm-dm.exeC:\WINDOWS\svchost.exeC:\Program Files\Arcade\PCMService.exeC:\Program Files\Launch M... Read more

A:Just A Checkup

Please download http://www.atribune.org/ccount/click.php?id=4 to C:\Double-click VundoFix.exe to run it.click the Scan for Vundo button.Once it's done scanning, click the Remove Vundo button.You will receive a prompt asking if you want to remove the files, click YES.Once you click yes, your desktop will go blank as it starts removing Vundo.When completed, it will prompt that it will shutdown your computer, click OK.Turn your computer back on.Please post the contents of C:\vundofix.txt and a new HijackThis log.Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears at reboot.=====================Download Superantispywarehttp://www.superantispyware.com/superantis...efreevspro.html Install it and double-click the icon on your desktop to run it.? It will ask if you want to update the program definitions, click Yes.? Under Configuration and Preferences, click the Preferences button.? Click the Scanning Control tab.? Under Scanner Options make sure the following are checked:o Close browsers before scanningo Scan for tracking cookieso Terminate memory threats before quarantining.o Please leave the others unchecked.o Click the Close button to leave the control center screen.? On the main screen, under Scan for Harmful Software click Scan your computer.? On the left check C:\Fixed Drive.? On t... Read more

Read other 11 answers
RELEVANCY SCORE 35.6
Q: Checkup

No problem as so far. I'm posting this for check up if I have hidden problems. Did the virus check and nothing found. Thanks in advance :D

Deckard's System Scanner v20070905.67
Run by Owner on 2007-09-26 06:29:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
41: 2007-09-25 22:29:57 UTC - RP144 - Deckard's System Scanner Restore Point
40: 2007-09-23 23:16:30 UTC - RP143 - Removed Dora Fairytale Adventure
39: 2007-09-22 22:44:33 UTC - RP142 - System Checkpoint
38: 2007-09-21 20:43:20 UTC - RP141 - Uniblue RegistryBooster
37: 2007-09-21 20:41:18 UTC - RP140 - Uniblue RegistryBooster


-- First Restore Point --
1: 2007-06-26 20:03:01 UTC - RP104 - Installed Java(TM) SE Runtime Environment 6 Update 1


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-09-26 06:31:32
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe ... Read more

A:Checkup

Hi,

Looks like there are some malware issues present.
You have one of those USBpen drives?
Don't use it anywhere for now please. I think its infected too and this requires a special too to clean it.
If you use it on another computer you are going to spread the infection to other computers.

If you still need help please post a fresh dss scan log set here.
Run it a bit different though please.
And I would like to make sure you have the latest one.

Delete the dss.exe you have now and.....

Download Deckard's System Scanner to your Desktop.:

http://www.techsupportforum.com/sect...eckard/dss.exe
http://deckard.geekstogo.com/dss.exe

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK
"%userprofile%\desktop\dss.exe" /config
Click on "Check All"

Click Scan!

When finished, it shall produce two log for you (main.txt & extra.txt)

Post the main.txt and attach the "extra.txt"

To attach a file to a new post, simply
Click the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:

C:\Deckard\System Scanner\Extra.txt

Click Upload.

What DSS will do:
--create a new System Restore point in Windows XP and Vista.
--clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on ... Read more

Read other 19 answers
RELEVANCY SCORE 35.6

I used Combofix to Creat this Log Please Check it and feed back me if any wrong with it :)

ComboFix 07-10-12.1 - doit 2007-10-11 9:01:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.428 [GMT 3:00]
Running from: C:\Documents and Settings\doit\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-09-12 to 2007-10-12 )))))))))))))))))))))))))))))))
.

2007-10-11 09:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-10 23:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2007-10-10 23:12 <DIR> d-------- C:\Documents and Settings\doit\Application Data\Nokia
2007-10-10 23:12 <DIR> d-------- C:\Documents and Settings\doit\Application Data\Nokia
2007-10-10 23:12 <DIR> d-------- C:\Documents and Settings\doit\Application Data\Nokia
2007-10-10 23:11 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2007-10-10 23:11 <DIR> d-------- C:\Program Files\Nokia
2007-10-10 23:11 <DIR> d-------- C:\Program Files\DIFX
2007-10-10 23:11 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2007-10-10 23:11 <DIR> d-------- C:\Program Files\Common Files\Nokia
2007-10-10 23:11 <DIR> d-------- C:\Documents and Settings\doit\Application Data\PC Suite
2007-10-10 23:11 <DIR> d-------- C:\Documents and Settings\doit\Application Data\PC Suite
2007-10-10 23:11 <DIR> d-------- C:\Documents and... Read more

Read other answers
RELEVANCY SCORE 35.6

Can somebody please look at this and tell me if there is anything wrong with this and if so how to fix it?Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 8:30:25 AM, on 3/30/2007Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Comodo\Firewall\cmdagent.exeC:\Program Files\McAfee\Common Framework\FrameworkService.exeC:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exeC:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\SYSTEM32\USRmlnkA.exeC:\WINDOWS\system32\CTHELPER.EXEC:\Program Files\Comodo\Firewall�... Read more

A:Just A Checkup

Welcome to the BleepingComputer HijackThis forum JCCK Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546You are well advised to remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present:ViewpointViewpoint ManagerViewpoint Media PlayerThen reboot.**************************Download\install CleanUp.Launch CleanUp,then click on 'Options'.Now move the slider on the left up to 'Standard Cleanup!'.Click 'Ok',now run the program by clicking on the 'Cleanup' button.Reboot,or log off/log on when it's finished.**************************Download SmitfraudFix (by S!Ri), to your desktop.Double click on Smitfraudfix.cmdSelect option #1 ? Search, by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).Please copy/paste the content of that report into your next reply,along with a new Hijackthis log.

Read other 5 answers
RELEVANCY SCORE 35.6

I don't have any problems with my computer i just want to do a check, or clean up so to speak to make sure my computer is running at top performance with out any spys in the background ready to pounce on my baby lol.
I'm new to Hijack this, but was wondering if i could get some help. Or some advice.

Here is my HJT log file, look at it and let me know if there is anything i should do.

Thanx in advance!

-Kreativek-

Logfile of HijackThis v1.99.1
Scan saved at 6:26:14 PM, on 6/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\AntiVir PersonalEdition Classic\sched.exe
E:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
E:\Program Files\Microsoft LifeCam\MSCamS32.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\MsPMSPSv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Creative\ShareDLL\CtNotify.exe
E:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
E:\Program Files\Creative\ShareDLL\MediaDet.Exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\AIM6\aim6.exe
E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\AIM6\aolsoftware.exe... Read more

A:New to HJT, Need a checkup!

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

You do have one infection, so let's start with this tool:


Please download combofix.exe to your desktop.


IMPORTANT - You must place combofix on your desktop!!


Double click combofix.exe & follow the prompts.

When finished, the tool will produce a log for you at c:\combofix.txt. Post that log in your next reply.

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.



Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

Read other 11 answers
RELEVANCY SCORE 35.6

Dear moderator.

Kindly check if my log file is clean. Really appreciate your time. Thanks.

Logfile of HijackThis v1.99.1
Scan saved at 9:13:07 PM, on 7/9/2007
Platform: Windows XP SP2, v.2055 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2055)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG... Read more

A:HJT Checkup

I keep getting this message whenever I restart my machine and access Internet. I suspect my system is still not clean. Can someone confirm this?

Read other 1 answers
RELEVANCY SCORE 35.6

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:09:55 AM, on 9/11/2007Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Boot mode: NormalRunning processes:C:\Windows\SYSTEM32\WISPTIS.EXEC:\Program Files\Common Files\microsoft shared\ink\TabTip.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Program Files\Java\jre1.6.0_02\bin\jusched.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files\Microsoft Location Finder\LocationFinder.exeC:\Program Files\DeskPins\DeskPins.exeC:\Program Files\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files\TortoiseSVN\bin\TSVNCache.exeC:\Windows\system32\taskeng.exeC:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exeC:\Program Files\Microsoft Office\Office12\ONENOTE.EXEC:\Users\Owner\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start... Read more

A:Need A Checkup

Log is still normal, just like last time. Pat yourself on the back for keeping it malware free.There are some empty registry entries you can fix if you like, but they are harmless.R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O13 - Gopher Prefix:

Read other 2 answers
RELEVANCY SCORE 35.6

Hey guys i just need someone to check my hjt log to see how its doing and what should be deleted from it i dont really have any problems i just want to make sure the pc is fine.






Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:38:07 AM, on 5/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Swarmcast\swarmcast-MLB-TV-Mosaic.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHo... Read more

A:Hjt log Checkup

Bump Is this log ok?

Read other 4 answers
RELEVANCY SCORE 35.6

just doing a checkup.

Logfile of HijackThis v1.99.1
Scan saved at 3:54:05 p.m., on 27/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Trend Micro\Internet Security\PccPfw.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\TMOAGENT.EXE
C:\Program Files\Trend Micro\Internet Security\PCCLIENT.EXE
C:\Program Files\Trend Micro\Internet Security\PCCGUIDE.EXE
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Pro... Read more

A:HJT checkup

hi, need help please

Read other 1 answers
RELEVANCY SCORE 35.6

Its been a while and for some reason is it normal for svchost.exe to explode to around 100k kb's and process for a short while? Heres the logfile

Logfile of HijackThis v1.99.1
Scan saved at 3:15:21 PM, on 4/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Hewle... Read more

A:HJT checkup

Bump.

Read other 2 answers
RELEVANCY SCORE 35.6

I think everyhing is good, but maybe an expert sees something strange;

Logfile of HijackThis v1.99.1
Scan saved at 8:39:46 PM, on 03/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebS... Read more

Read other answers
RELEVANCY SCORE 35.6

I have done a few things since my last checkup and thought I should do another.
When I last checked my other checkup I was told to use a program called Combofix, which I am unable to use until the author of the program fixes the problem.


Logfile of HijackThis v1.99.1
Scan saved at 10:09:38 PM, on 2/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Matthew\My Documents\HijackThi... Read more

A:HJT Checkup

Hi and welcome to TSF

As we have been very busy lately, I apologise for any delay in replying, and of course, all our helpers are volunteers.

Since it has been a few days since you first posted, I need a new log. So please do the following.


Download ComboScan to your Desktop.Close all applications and windows.
Double-click on comboscan.exe to run it, and follow the prompts.
When the scan is complete, a text file will open - ComboScan.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of ComboScan.txt back in this thread (do not attach it).
Another text file will also open, Supplementary.txt.
Please attach Supplementary.txt to your post.


To attach a file to a new post, simplyClick the [Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box: C:\ComboScan\Supplementary.txt

Click Upload.

Read other 1 answers
RELEVANCY SCORE 35.6

Hey guy's i just want to see if my pc is clean i think you are doing a great job keep it up and heres my log.



Logfile of HijackThis v1.99.1
Scan saved at 20:28:39, on 14/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\run32dll.exe
C:\Program File... Read more

Read other answers
RELEVANCY SCORE 35.6

For some reason my DVD-RW drive not working and trying to install anti-virus software from my CD's...here is my logfile

Logfile of HijackThis v1.99.1
Scan saved at 7:12:45 PM, on 2/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program F... Read more

A:HJ checkup

Bump.

Read other 1 answers
RELEVANCY SCORE 35.6

I get popups from time to time, but it's not a huge distubance. is there anything visibly infectious?Logfile of HijackThis v1.99.1Scan saved at 8:07:11 PM, on 11/17/2006Platform: Unknown Windows (WinNT 6.00.1504) <yes, VistaMSIE: Internet Explorer v7.00 (7.00.5600.16384)Running processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trillian\trillian.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\Users\DSMaster\Documents\hijackthis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost... Read more

A:A Checkup

Updated log, haven't had a reply in 4 days anywayLogfile of HijackThis v1.99.1Scan saved at 3:17:44 PM, on 11/20/2006Platform: Unknown Windows (WinNT 6.00.1504)MSIE: Internet Explorer v7.00 (7.00.5600.16384)Running processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Microsoft Windows OneCare Live\winssnotify.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trillian\trillian.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Microsoft Windows OneCare Live\WinSSNotifyE.exeC:\Users\DSMaster\Documents\hijackthis\scanme.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software&... Read more

Read other 8 answers
RELEVANCY SCORE 35.6

How are you doing, its been a while since ive been on this site, and im glad to see everything is going as good. I would like to thank you in advance for your help. This is my HJT log and can you just look it over to see if its clean, i briefly searched it and it seemed clean to me. Here you go,

Logfile of HijackThis v1.99.1
Scan saved at 4:14:09 PM, on 7/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\pctspk.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\ExPLabs.com\LinkScanner\LinkScannerMonitor.exe
E:\Program Files\Verizon\McciTrayApp.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
E:\WINDOWS\system32\RUNDLL32.E... Read more

A:HJT Checkup

Hi mallard32,

We prefer a more comprehensive set of logs to assist in detecting any malware that may be present. Kindly follow the instructions in our sticky topic IMPORTANT - Read This Before Posting For Malware Removal Help If you have any difficulty with any of the steps, move on to the next one.
Be sure to reach Step 5 and post the requested logs in your next reply.

Read other 1 answers
RELEVANCY SCORE 35.6
Q: Checkup

I'm just checking to see if this computer is good or not. It's having problems with Internet Explorer, and I'm not sure what the cause of it is. Don't tell me to get Firefox, or I'll slap you.Logfile of HijackThis v1.99.1Scan saved at 1:56:59 PM, on 8/19/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5450.0004)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\Program Files\Intel\Intel Application Accelerator\iaantmon.exec:\progra~1\mcafee\MCAFEE~2\MssSrv.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exec:\program files\mcafee.com\vso\mcvsshld.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\UAService7.exeC:\Program Files\Java\jre1.5.0_02\bin\jusched.exeC:&... Read more

A:Checkup

Hello,It's having problems with Internet Explorer, and I'm not sure what the cause of it is. Don't tell me to get Firefox, or I'll slap you.Well, first of all, you have to understand that, when you are using betaversions, as in this case IE7, that it is totally normal that you can have problems. That's why they are called betaversions. So you can't really expect from us that we help to fix the issues that can be caused because of a betaversion. The issues are in the program itself.So, just let us know what EXACT problem you are having...

Read other 11 answers
RELEVANCY SCORE 35.6

Hey I had problems a while ago, just checking to see if they are all gone now.Logfile of HijackThis v1.99.1Scan saved at 1:14:52 PM, on 06/29/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Unable to get Internet Explorer version!Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\system32\RunDll32.exeC:\WINDOWS\htpatch.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Lexmark X5100 Series\lxbabmgr.exeC:\Program Files\Java\jre1.5.0_02\bin\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe... Read more

A:Checkup!

Hi supatyson. It looks like you have been taking good care of your computer. The log is clean!

Happy computing.

OT

Read other 1 answers
RELEVANCY SCORE 35.6

Could someone please take a look at this and tell me what to get rid of, thankyou. Logfile of HijackThis v1.99.1Scan saved at 12:03:37 PM, on 6/22/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Sophos\Remote Update\cachemgr.exeC:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\DSentry.exeC:\WINDOWS\System32\ezSP_Px.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exeC:\Program Files\AWS\WeatherBug\Weather.exeC:\Program Files\Sophos\Remote Update\imonitor.exeC:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYSC:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXEC:\Program Files\Sophos SWEEP for NT\ICMON.EXEC:\hjt\HijackThis.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywayR0 - HKCU... Read more

A:just a checkup

Welcome to the forum.

Scan with Hijack This and put a checkmark next to the following entries.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

Close all browsers and windows and click "fix checked".

That should get everything taken care of, unless you are having a specific problem.

Read other 2 answers
RELEVANCY SCORE 35.6

Need a checkup again please. I don't notice any symptoms but just need to be sure that my laptop is clean.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.40.2
Run by Administrator56109 at 8:01:57 on 2013-12-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.3301 [GMT -5:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCOR... Read more

Read other answers
RELEVANCY SCORE 35.6

I'm not noticing any symptoms of rootkits or virus, but I just need a checkup to see if my laptop is completely clean.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16514 BrowserJavaVersion: 10.40.2
Run by Administrator56109 at 19:39:39 on 2013-10-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.2561 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAnti... Read more

A:Checkup please

Hello maxima2k2,

I'm not seeing any malware in the logs, but that's all I can guarantee - that your logs are clean. It would be irresponsible for any of us to declare a machine 'completely clean'. I wouldn't even say that about my own.

All we can do is utilize tools and scanners available to us, and they are only as good as what they can detect. You've got a good security setup on this machine and between your Anti Virus, and Malwarebyte's Anti Malware, you should be well covered.

Read other 1 answers
RELEVANCY SCORE 35.6

I don't have any symptoms of infection, but I'm going to be making a online purchase soon and want to be absolutely sure that my laptop is clean, thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.21.2
Run by Administrator56109 at 8:00:27 on 2013-07-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.3511 [GMT -4:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNo... Read more

A:Checkup please

Bump please

Read other 6 answers
RELEVANCY SCORE 35.6
Q: checkup

Logfile of HijackThis v1.99.1Scan saved at 12:00:39 PM, on 9/11/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\DSentry.exeC:\WINDOWS\System32\ezSP_Px.exeC:\Program Files\Sophos SWEEP for NT\ICMON.EXEC:\Program Files\Sophos\Remote Update\imonitor.exeC:\Program Files\Sophos\Remote Update\cachemgr.exeC:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exeC:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXEC:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYSC:\WINDOWS\system32\wuauclt.exeC:\hjt\HijackThis.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywayR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connect... Read more

A:checkup

Is anybody going to reply?//mod edit: Have some patience? This is an all volunteer crew ofHJT Techs helping others. Others are in the time line before you.Every time you add to your post, you set yourself back in the queue!

Read other 9 answers
RELEVANCY SCORE 35.6

Hey guys, computer has been up and down lately in speeds. Could someone check this for me. Thanks so much. Logfile of HijackThis v1.99.1Scan saved at 5:37:55 PM, on 8/21/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16512)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\Program Files\Analog Devices\SoundMAX\Smax4.exeC:\Program Files\Java\jre1.6.0_02\bin\jusched.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\Program Files\Microsoft IntelliType Pro\itype.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Pr... Read more

A:Checkup!

Welcome to the BleepingComputer HijackThis Logs and Analysis forum supatyson My name is Richie and i'll be helping you to fix your problems.Copy and paste the following blue text in the Quote box below into Notepad.Click on File(in the menu at the top)>Save as../Save as Type: 'All Files' /File name: fix.reg to your desktop.Then double click on the fix.reg file on your desktopand agree to merge the imformation into the registry,then restart your pc.REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"Userinit"="C:\WINDOWS\system32\userinit.exe,"Download\install 'SuperAntiSpyware Home Edition Free Version' from here:http://www.superantispyware.com/downloadfi...ANTISPYWAREFREELaunch SuperAntiSpyware and click on 'Check for updates'.Once the updates have been installed,exit SuperAntiSpyware.Have Hijack This fix the following by placing a check in the appropriate boxes and selecting 'Fix checked'. Make sure all browser and all Windows Explorer windows are closed before fixing:O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O4 - Startup: PowerReg Scheduler.exeO16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files/insta...FreeInstall.cabO16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} - http://activex.matcash.com/speedtest2.dllExit Hijackthis.Start SuperAntiSpyware.On the main screen click on 'Scan your computer'.Check:... Read more

Read other 5 answers
RELEVANCY SCORE 35.6

Logfile of HijackThis v1.99.1Scan saved at 12:04:37 AM, on 2/12/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\EarthLink TotalAccess\TaskPanl.exeC:\HJT\HijackThis.exeC:\Program Files\Mozilla Firefox\firefox.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.netR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie...ton/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie...ton/search.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.earthlink.net/partner/m... Read more

A:Need Checkup

Bump

Read other 13 answers
RELEVANCY SCORE 35.6

Tried running DDS on a machine, saved all three links to desktop and i run the .src one and it says it is not an internal or external command.

Will have more info when i get back to that machine.

A:PC Checkup

Just seeing if there is anything causing problems:



DDS (Ver_09-01-07.01) - NTFSx86
Run by Josh at 8:15:14.42 on Wed 01/14/2009
Internet Explorer: 7.0.6000.16764 BrowserJavaVersion: 1.5.0_12
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.2046.1117 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\W... Read more

Read other 1 answers
RELEVANCY SCORE 35.6

Just wanted to see if you guys could find anything i need to get rid of.Logfile of HijackThis v1.99.1Scan saved at 1:27:24 PM, on 4/17/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Symantec\pcAnywhere\awhost32.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\crypserv.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\MWS\PollServer.exeC:\MWS\sutmsced.exeC:\MWS\MWSTick.exeC:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exeC:\Program Files\No-IP\DUC20.exeC:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXEC:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NO... Read more

A:Just A Checkup

I'm not trying to bump but i tried to cleanup some stuff myself using the self-help forums. Here are my new logs for Ewido and HJT-------------------------------------------------------- ewido anti-malware - Scan report--------------------------------------------------------- + Created on: 5:51:28 PM, 4/18/2006 + Report-Checksum: 17EA4008 + Scan result: C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt -> TrackingCookie.Pro-market : Cleaned with backup::Report EndLogfile of HijackThis v1.99.1Scan saved at 5:53:33 PM, on 4/18/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Symantec\pcAnywhere\awhost32.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\crypserv.exeC:\Program Files\ewido anti-malware�... Read more

Read other 2 answers
RELEVANCY SCORE 35.6
Q: Checkup

Wanted to get a checkup as my laptop has been acting slower than expected.
The most notable item of concern is the screen flash from time to time. My screen and second monitor will flash black one or two times.
Other times, I will lose control of my mouse for 3-5 seconds.

Any how, here are my logs. Thx.


DDS (Version 1.0) - NTFSx86
Run by SirrinBR at 8:16:54.89 on Tue 12/09/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3574.2440 [GMT -7:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
c:\Program Files\Symantec\SPA\smc.exe
svchost.exe
c:\Program Files\Symantec\SPA\snac.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\system32\eTSrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files... Read more

A:Checkup

***bump***

Read other 1 answers
RELEVANCY SCORE 35.6

Just want to check up and see if there's anything in this log. *This is different than my other HJT Log topic (this is my desktop, the other is my laptop). Logfile of HijackThis v1.99.1Scan saved at 4:17:45 PM, on 6/15/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\System32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\AntiVir PersonalEdition Classic\avguard.exeC:\Program Files\Softex\OmniPass\Omniserv.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Pure Networks\Network Magic\nmsrvc.exeC:\Program Files\Softex\OmniPass\OPXPApp.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\windows\system\hpsysdrv.exeC:\Program Files\D-Tools\daemon.exeC:\Program Files\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\Pure Networks\Network Magic\nmapp.exeC:\Program Files\ATI Te... Read more

A:Checkup #2

Hello again,

Looks good.

Make sure your Java is up to date, like in the other log.

Take care!
tea

Read other 2 answers
RELEVANCY SCORE 35.6
Q: Checkup

I have gotten some virus notifications from Antivir while scanning with Spybot: Search & Destroy. I'm not having any spyware problems (that I can tell), but I'd like to see if there's anything suspicious in my HJT Log: Logfile of HijackThis v1.99.1Scan saved at 3:37:35 PM, on 6/15/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5346.0005)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\AntiVir PersonalEdition Classic\avguard.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Microsoft Windows OneCare Live\Firewall\mpssvc.exeC:\Program Files\Pure Networks\Network Magic\nmsrvc.exeC:\Program Files\Microsoft Windows OneCare Live\winss.exeC... Read more

A:Checkup

Hello obededom,Some things to do here. You should know that you're actually doing more harm than good by running 2 Anti Virus programs. (Types here) When you do this both programs compete for resources, and the end result is neither does it's best and can cause system instability. I recommend that you choose the one you want to keep, update it, disable the other one, and use it as an on demand only scan occasionally.I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis! fixes. So please disable TeaTimer by doing the following:1) Run Spybot-S&D2) Go to the Mode menu, and make sure "Advanced Mode" is selected3) On the left hand side, choose Tools -> Resident4) Uncheck "Resident TeaTimer" and OK any promptsYou can reenable TeaTimer once we're done here.Your Java is way out of date, which leaves your computer vulnerable to infection.Updating Java:Go to Start > Control Panel double-click > add/remove programs.Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
It should have a coffee cup next to it:
Select it and click Remove.Then Download and install the newest version from here:http://www.java.com/en/download/manual.jspAfter you complete that task, use 'Control Panel > Add/Remove Programs' to remove ALL earlier versions of Sun java. You remain vulnerable as long as these remain on your syst... Read more

Read other 8 answers
RELEVANCY SCORE 35.6

I went through your KRC Anti-Spyware Tutorial and completed the Hijackthis scan. I would be very thankful if you would please check it to see if I have any problems. See log below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:47:04 PM, on 9/26/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\AOL\1149542863\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\HPQ\Quick Launch B... Read more

A:HJT Checkup

Hello and Welcome, cmbtjump. Apologies for any delay in replying, but we have been rather busy lately.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

---------------------------------------------------------------------------------------------

If you still require assistance with this issue, and since it's been several days since your original log was posted, please do this:
Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.

---------------------------------------------------------------------------------------------

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Read other 2 answers
RELEVANCY SCORE 35.6

Hi i'm just doing my pc check up.Could u help me to check if my pc is in healthy condition?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:30:48 AM, on 3/15/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exec:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\WINDOWS\stsystra.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\ATI Technologies\ATI.ACE\cli.exeC:\WINDOWS\syst... Read more

A:Pc Checkup

Hello utopian86,

Welcome back to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

Read other 6 answers
RELEVANCY SCORE 35.6
Q: Checkup

Logfile of HijackThis v1.99.1
Scan saved at 3:26:09 PM, on 1/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Matthew\My Documents\HijackThis\HijackThis.exe

F3 - REG:win.ini: load=???
?
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jr... Read more

A:Checkup

Hi and welcome to the Security Forum.

My name is Iain and I will be helping you clean your system.

There's not a great deal showing in your log, so we'll run a scan and see what turns up.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.


Please download combofix.exe to your desktop.

IMPORTANT - You must place combofix on your desktop!!


Double click combofix.exe & follow the prompts.

When finished, the tool will produce a log for you at c:\combofix.txt. Post that log in your next reply.

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.



Please post back with c:\combofix.txt and a fresh HijackThis Log. Please also let me know how your system is performing now and if you have any specific problems. In order to provide you with the best possible help, please ensure that HijackThis logs are produced only while in Normal Mode.

Read other 1 answers
RELEVANCY SCORE 35.6
Q: Checkup

I recently bought this Dell laptop but the virus protection it came with ran out so I currently do not have any virus protection.My friend suggested I download Spybot Search & Destroy as well as Hijackthis.I am worried that I might get a virus somehow because I use lots of wireless unsecured networks at school.Here is my Log File.Thanks-JessicaLogfile of Trend Micro HijackThis v2.0.2Scan saved at 5:12:16 PM, on 9/14/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18813)Boot mode: NormalRunning processes:C:\PROGRA~2\McAfee.com\Agent\mcagent.exeC:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exeC:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Cisco Systems\Clean Access Agent\CCAAgent.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1R1 - H... Read more

A:Checkup

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

I`m having some problems with my internet not working properly and the guys from the networking support instructed me to post here in order to remove the possibility of being infected.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385
Run by Eugen at 12:44:06 on 2014-12-11
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.2045 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.... Read more

A:Checkup please

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection.

It can take as little as eight seconds to infect an unprotected computer.

Please keep this computer offline except when downloading tools and posting in the forum until we get one installed.

Let me know your intentions for an antivirus program, and/or if you need a suggestion.

------------------------------------------------------

I see no sign of infection in your logs. We'll do an online scan to check for remnants.

------------------------------------------------------

Please download Malwarebytes Anti-Malware to your desktop.Double-click mbam-setup-2.0.4.1028.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:Launch Malwarebytes Anti-Malware
A 14-day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabil... Read more

Read other 4 answers
RELEVANCY SCORE 35.6

I don't notice any signs of malware, but I need to know if my laptop is completely clean and make sure nothing is hidden. I've done scans with avira, eset online, malware bytes and super antispyware and all reported clean results, but an opinion from an expert would be really nice. If someone would kindly check to see if my laptop is clean, I would be greatly appreciated. Thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2
Run by Administrator56109 at 20:47:41 on 2014-02-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.2850 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\A... Read more

A:Checkup 02.23.14

maxima2k2,

Hi and welcome to TSF.

I am currently reviewing your logs. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please be patient with me during this time.

Read other 13 answers
RELEVANCY SCORE 35.6
Q: Checkup

DDS

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
Run by Kevin at 21:02:14 on 2013-08-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.2.1033.18.3048.1679 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\lxctcoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.ex... Read more

A:Checkup

Hi Solidify. I don't see any indications of malware in those logs. I see you've already created a BSOD thread. I do see this in the attach.txt

Quote:




.
17/08/2013 8:05:21 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80004005: Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition.
17/08/2013 7:57:22 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xff4f2000, 0x00000001, 0x9bb97f97, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081713-30279-01.
12/08/2013 9:29:31 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.




Let's run one other tool to look for rootkits.

Download TDSSKiller.exe to your desktop
http://media.kaspersky.com/utilities...tdsskiller.exe
Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, select Skip by changing the default Cure selection at the upper right
Once complete, a log will be produced at the root drive which is typically C:\
For example, C:\TDSSKiller.2.8.16.0_date_time_log.txt
Attach that log, please.

Read other 5 answers
RELEVANCY SCORE 35.6

I scanned with eset online and it found some toolbar/opencandy related stuff. Need to know if my laptop is clean, because I just upgraded my hard drive and want to make a clean image with all current windows updates installed and desktop customized to my liking. Thank you.

A:Checkup again please

Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
Having said that.... Let's get going!!
----------

Let's get a more thorough look than what ESET is showing.

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.Disable any antivirus programs du... Read more

Read other 19 answers
RELEVANCY SCORE 35.6

my pc very slow and every now and again when im on a site it will just freeze for a few seconds saying not responding then it will work ...this is very annoying also other people on my msn list was receiving emails from me with links
i first did everything on this site ..
http://www.greyknight17.com/spyware.php
and found a few things but didn't realise till after that u wud need to know what things i found so i'm sorry cant remember ...here's my
hjt list

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:14, on 28/03/2010
Platform: Windows Vista SP2 (WinNT 6.0.0.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TomTom... Read more

A:HJT Checkup

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 35.6

Hello, I just need to know if my laptop is healthy, error, virus, and rootkit free. Thank you. This scan was done on my normal user profile 2 minutes ago, but I don't know why it's showing up as safe mode?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:35:31 AM, on 10/27/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16757)
Boot mode: Safe mode

Running processes:
C:\Windows\system32\igfxsrvc.exe
C:\Windows\Explorer.exe
C:\Program Files\HijackThis\HijackThis v 2.0.0.2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SD... Read more

A:Log checkup please

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 35.6

Can someone check my log to see if it is clean? Thanks!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:25:02 PM, on 1/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\Sy... Read more

A:HJT Checkup

Hello and Welcome.

Log looks ok, but HijackThis is very limited for today's infections. Due to that, we do not use it as our initial analysis tool any longer. If you still require assistance beyond this cursory check....

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 35.6

Hello, I have been getting connections problems on my PC game, not sure if its the game or my computer (getting wierd since Bitdefender was installed) so heres the log:

Logfile of HijackThis v1.99.1
Scan saved at 11:45:11 PM, on 2/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program Files\Trillian\trillian.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\dl... Read more

A:HJT checkup

Bump.

Read other 9 answers
RELEVANCY SCORE 35.6

Alright, I'm bending the rules a bit to bump this thread due to the fact that these outages are beginning to cut into my summer coursework; I don't particularly care if someone's steamed about doubleposting, but my grades are beginning to suffer.Take a look, wouldn't 'ya?===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our MRT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either c... Read more

A:Checkup Pt. 2 : Exactly What's Up

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 11 answers
RELEVANCY SCORE 35.6

hi, just a check up on my comp, everythings runnin fine, anything out of place?

thanks
scott

Logfile of HijackThis v1.99.1
Scan saved at 05:14:08, on 11/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\blueyonder\PCguard\fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\blueyonder\PCguard\RPS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Smart Keystroke Recorder\sma.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\EARLFA~2.EAR\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
C:\Program Files\MSN Messenger\msnmsgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.co.uk/
O2 - BHO: DownloadRedi... Read more

A:Just A Checkup

While I will not comment on the Worm I see in your HJT log, this is for the regulars here to handle, I will tell you that the program Spyware Cleaner, is a rogue/junk program that gives false positives- work as goad to purchase

Reference: http://www.spywarewarrior.com/rogue_anti-spyware.htm

BG

Read other 7 answers