Over 1 million tech questions and answers.

Hijackthis Log--am I infected

Q: Hijackthis Log--am I infected

Can Someone please look at this..My computer is running very, very, slow. I have run thecomedian.exe, malwarebytes(had spyware), and this hijackthis log so far. Any help is greatly appreciated!!!

RELEVANCY SCORE 200
Preferred Solution: Hijackthis Log--am I infected

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Hijackthis Log--am I infected

Due to changes and reposting http://www.bleepingcomputer.com/forums/t/228053/am-i-infected/This thread is closed to preclude confusion.

Read other 1 answers
RELEVANCY SCORE 35.6

Here is my issue. Every hour a new At task is scheduled automatically. In the Run box of the task is this: rundll32.exe igogiy.bun,iyeymnte (or some other gibberish). In the Comments it says: Created by NetSchedulJobAdd. In the Run As: NT AUTHORITY\SYSTEM.On the Schedule Tab it is sceduled to run at 12:00 (there is one for every hour of the day) every Mon, Tue, Wed, Thu, Fri, Sat, Sun of every week, starting 6/15/2011.When this task runs, it runs the rundll32.exe file and it shows up in the Process tab of Task Manager. If I delete the tasks, the reappear no matter what. I have cleaned them of Conficker, run multiple other scans and these machines show up as clean, even in safe mode.Attached is the HiJackThis log. Any thoughts?Added a 2nd HiJackThis log file with a bunch of rundll32.exe process running. The first one I had deleted all of them out, and the At tasks as well.EDIT: Posts merged ~Budapest

A:Infected with something...here is HiJackThis Log

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 4 answers
RELEVANCY SCORE 35.6

My laptops cannot connect anywhere either using LAN cables or WLAN. Please help to check whether this is caused by spyware/malware or not

Many Thanks guys!

Below is the hijackthis log :
=============================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:26 AM, on 11/22/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
C:\Windows\system32\mmc.exe
C:\Windows\system32\taskmgr.exe... Read more

A:Hijackthis Log: Am I Infected?

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/428857 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

I am having trouble accessing my network connection for the internet. I can't open any email/ie/firefox windows. I can only acces internet via Safe Mode.

Thanks so much.

Jean

A:Hijackthis - Am I infected?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:49:35 PM, on 9/27/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exeC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\Program Files\ScanSoft\PaperPort\pptd40nt.exeC:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:�... Read more

A:HijackThis Log - Am I Infected?

Hello and welcome to Bleeping Computer.My name is km2357 and I will be helping you to remove any infection(s) that you may have.I will be giving you a series of instructions that need to be followed in the order in which I give them to you.If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.Please do not start another thread or topic, I will assist you at this thread until we solve your problems.Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.Sorry for the delay in replying, the forum is very busy. If you still need help, please post a fresh HiJackThis Log

Read other 14 answers
RELEVANCY SCORE 35.6

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:24:54 AM, on 3/28/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18372)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\VistaDrive\VistaDrive.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\igfxsrvc.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\tsnpstd3.exeC:\WINDOWS\vsnpstd3.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\TaskSwitchXP\TaskSwitchXP.exeC:\Program Files\uTorrent\uTorrent.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\... Read more

A:hijackthis log maybe infected maybe not

Hi,* Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.In case you already used MBAM previously, please update it before proceeding with the scan. To do this, click the "Update" tab and click the "Check For updates" button.Once the program has loaded and updates were downloaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Read other 2 answers
RELEVANCY SCORE 35.6

Been getting pop-ups as well as some other "strange" things with as well as some sort of 2008 virus scanner that keeps coming up.HiJackThis log below.***********************************Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:23:49 PM, on 1/19/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeC:\WINDOWS\System32\GEARSec.exeC:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exeC:\WINDOWS\BCMSMMSG.exeC:\Program Files\Common Fil... Read more

A:HiJackThis log...Could be really infected...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Also please explain your problem as fully as possible. Each little detail will help in getting your system cleaned up and functional again.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scans:Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mba... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

I just noticed I have allot of overseas connections starting when I access the network.

Also when I shutdown I have tasks running that have a different name every time that I have to manually close.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:04:42 PM, on 2/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program File... Read more

Read other answers
RELEVANCY SCORE 35.6

Can someone take a look over this for me please. Problem appears to be with Advanced Virus Remover 2010 and I can't remove it.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 15:04:14, on 25/11/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\ASF Agent\ASFAgent.exeC:\Program Files\Intel\AMT\atchksrv.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Intel\AMT\LMS.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\locator.exeC:\WINDOWS\system32\r_server.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\AMT\UNS.ex... Read more

A:Hijackthis log from infected PC

Hello and welcome to Bleeping Computer ! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.F... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:07 AM, on 10/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\rpcnet.exe
C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Trend Micro\Internet... Read more

Read other answers
RELEVANCY SCORE 35.6

Hi,

Already scanned with ad-aware. Does my system look good? Cause I've noticed some slowing down.
thank you!

Logfile of HijackThis v1.99.0
Scan saved at 9.26.04, on 23/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\AVPersonal\AVGUARD.EXE
C:\Programmi\AVPersonal\AVWUPSRV.EXE
C:\Programmi\eMule\emule.exe
C:\Programmi\Outlook Express\msimn.exe
C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\Directory temporanea 1 per hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVGCtrl] C:\Programmi\AVPersonal\AVGNT.EXE /min
O4 - HKCU... Read more

A:hijackThis log, infected?

IS it infected?
 

Read other 1 answers
RELEVANCY SCORE 35.6

Hi,

I know my computer is infected with some kind of virus/trojan. My homepage has been hijacked, and my computer and internet has slowed down to a crawl. I have used HijackThis successfully in the past (with help from Bleeping Computer's forums) but now I cannot even run Hijack This. As soon as I click to open it, the application flicks up for around 2 seconds, then disappears. Sometimes the same thing will happen when I run IE.

I am desperate to get rid of whatever has taken over my computer, but without HijackThis, I don't know where to begin. I have noticed a lot of unfamiliar processes have begun running on my computer when I open Task Manager (eg. svchost.exe, searchfilterhost.exe, lsass.exe, CFSrcs.exe, spoolsv.exe). My ant-virus software does not seem to be picking them up, and it is fully updated etc.

I would appreciate ANY help, as I am frustrated that I can't use HijackThis.

Thankyou,

LB

A:Infected...can't Even Run Hijackthis...

Try renaming the Hijack This.exe to "lastchancescan". Find the .exe and right click on it. Then choose rename.

Read other 1 answers
RELEVANCY SCORE 35.6

I know i am infected cause my wow account has been hacked, heres my hijackthis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:10:16 AM, on 2/1/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\RegGenie\RegGenieScheduler.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\System32\CTHELPER.EXE
C:\Windows\System32\CTXFIHLP.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wuauclt.exe
C:\Pr... Read more

A:i am infected please help, hijackthis log

please help, i still have a virus

Read other 2 answers
RELEVANCY SCORE 35.6

For additional information, please read this topic: http://www.bleepingcomputer.com/forums/t/188117/i-think-this-computer-has-some-issues/ ~ OBHey guys,I am visiting my parents, and her computer is running kinda slow. I downloaded and ran SuperAntiSpyWare, and got rid of 511 threats. Most of them were adware cookies, but, there were 3 trojans and other things.If you can help me, I'd appreciate that. If you can do me one favor, if you tell me to delete/get rid of anything, I'd appreciate you telling me what it is. My mother does have some neat "flashy" programs, and I don't want to get rid of anything that she likes, without first letting her know.JeremyHere we go:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:07:16 PM, on 12/20/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\WINDOWS\System32\GEARSec.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\M... Read more

A:Am I infected? Here is my HiJackThis

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable a... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

when i go to save the log to the notepad i get an access denied message. and then my mcafee virus says that hijack this was infected with the trojan virus. im at my wits end am i going to have to reformat my whole computer? i just did two weeks ago. im begging for help, i dont know what to do.
 

A:hijackthis infected?

Click the colored link below to get AntiVir (click the Download button; Click the red/black AntiVir icon)Uninstall Mcafee; restart your computer; install AntiVir

you can generate a log in Safe Mode too

(tap F8 five times per second during a restart; Choose option number three (3) in the Windows Startup dialog box using the arrow keys below the Delete key, and strike the Enter key; Click Ok when prompted).
 

Read other 1 answers
RELEVANCY SCORE 35.6
A:Infected? Hijackthis Log

Hello and welcome to the forum. Sorry for the delay but things can get very busy here.I am here to help you clean up your computer, if you are still having a problem.I would like you to do a new scan with Deckard's System Scanner, so we can have a look at what is happening right now.Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.Check some important areas of your system and produce a report for an analyst to review.Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.You must be logged onto an account with administrator privileges when using.Close all applications and windows.Double-click on dss.exe to run it and follow the prompts.If your anti-virus or firewall complains, please allow this script to run as it is not
malicious.When the scan is complete, two text files will open in Notepad:main.txt <- this one will be maximizedextra.txt <- this one will be minimizedIf not, they both can be found in the C:\Deckard\System Scanner folder.Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.-- When ... Read more

Read other 62 answers
RELEVANCY SCORE 35.6

I can not select turn off from my start menu. when i hit ctrl alt del i get a message sayin task manager is disabled by administrator but im the only one that uses this comp. Other sites told me to remove some reg things and then it works BUT every log off or restart the regs just come backHELPHijack This Log:Logfile of HijackThis v1.99.1Scan saved at 12:15:28 PM, on 7/26/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\NDAS\System\ndassvc.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:&... Read more

A:Hijackthis Log, Am I Infected ?!?!?!?

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download Ewido Anti-spyware and save that file to your desktop.This is a 30 day trial of the programOnce you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.Once the setup is complete you will need run ewido and update the definition files.On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.Once in the Settings screen click on "Recommended actions" and then select "Quarantine".Under "Reports"Select "Automatically generate report after every scan"Un-Select "Only if threats were found"Close ewido anti-spyware, Do Not run a scan just yet, we will shortly.Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
IMPORTANT: Do not open any other windows or programs while ewido is scanning, it may interfere with the scanning proccess:Lauch ewido-anti-spyware by double-clicking the icon on your desktop.Select the "Scanner" icon at... Read more

Read other 5 answers
RELEVANCY SCORE 35.6

Help me??? i need to clean my notebookand i think nod32 is too infected??? show "?" in analasy log in site of hijackthiscan anyone help me???? -------LOG HIJACKTHISLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:46, on 28/10/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\ARQUIV~1\GbPlugin\GbpSv.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Arquivos de programas\Internet Explorer\IEXPLORE.EXEC:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Arquivos de programas\Cedro Market & Finances\Cedro Lite\Firebird\bin\fbguard.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Arquivos de programas\Java\jre6\bin\jqs.exeC:\Arquivos de programas\GFI\LANguard Network Security Scanner 3\sscansvc.exeC:\ARQUIV~1\MI6841~1\MSSQL... Read more

A:Log HiJackThis - is infected?

up!

Read other 4 answers
RELEVANCY SCORE 35.6

Hi I'm new to all this so please LMK how I can help you, to help me fix my PC.First off, I was running F-PROT Anti-Virus with the latest defs and thought I was protected, but somehow I got infected with some malware/virus stuff. F-PROT didn't warn me about anything malicious and has since been removed because I don't trust it anymore. I'm installed AVG 8.5 (Free Edition) right away. When I installed AVG 8.5 Free it found a few Trojan style viruses and reported that it removed them successfully, which it obviously hasn't.The symptoms of my infection are that I have slower then normal page load times in FireFox, the whole internet seems to be running slower like it is doing stuff in the background , and most noticeably I am getting pop up windows in both IE and Firefox mostly advertising Anit-Virus/Anti-Malware softeare. (Kinda ironic and infuriating). I get these popups even when no browser is actively running. I have run a full scan with AVG and TrenMicro's HouseCall, but so far I have been unable to eliminate these FireFox and IE pop ups.So far everything I have tried has not been successful, so I'm asking you (the expert) to help me get my PC running happily again.Please help. ThanksHere Are The Logs1 - HijackThis Log Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:15:40 PM, on 3/25/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOW... Read more

A:My HijackThis Log - I'm infected

Hello Thormix,Your computer has a nasty case of Vundo. Let's make it happy again. This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.1. Download this file - combofix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe2. Double click combofix.exe & follow the prompts.3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.Note:Do not mouseclick combofix's window while it's running. That may cause it to stall.Thanks,tea

Read other 7 answers
RELEVANCY SCORE 35.6

Hello folks,I am quite new to Hijack This and require your assistance to analyse the HT log. I am infected with CWS Home Search Assistant and my PC startup is very very slow....... am in dire need of some expert advise from the gurus....Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:37:49 AM, on 7/14/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\SCardSvr.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Symantec... Read more

A:Hijackthis Log - Infected By Cws - Help !

Hi zainul77,
I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

Read other 2 answers
RELEVANCY SCORE 35.6

Hi there

I am dealing with a computer which is so infected that I can't even run Hijackthis! It originally gave me an error message (msvbvm60.dll missing) when I tried to run HJT but I have now downloaded the DLL file and saved it to windows/system. However, Hijackthis, Killbot, CWShredder and many other programmes close down a few seconds after I open them. Even task manager stays open for just a few seconds before closing.

I can't install Ewido, TM PC-cillin etc, as they cut out a few seconds into installation. I can't even do a TM Housecall scan, as IE closes after a few seconds. Oddly enough, I could install Spybot and download updates, but it finds no malware! I was also able to install and run Cleanup.

I have attached screen shots of task manager processes running, in case this helps. It took some fancy fingerwork and a number of tries to get these before task manager closed!

Is there any way forward, other then reformatting the hard drive????

I am emailing from another machine.

Thanks
Landrover
 

A:So infected, can't even run Hijackthis!

Read other 13 answers
RELEVANCY SCORE 35.6

Logfile of HijackThis v1.98.2Scan saved at 9:13:56 PM, on 12/13/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\GEARSEC.EXEc:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Common Files\Dell\EUSW\Support.exeC:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exec:\PROGR... Read more

A:Infected again, HiJackThis Log

Hi Download Ad-aware SE 1.05: hereInstall it. When you get the last screen, with the "Finish" button and 3 options, uncheck those three items.Open AdAware and click the "Check for updates now" link. Close AdAware. Don't use it yet.Using Ad-Aware SE to remove Spyware & Hijackers from Your Computer Download System Security Suite here:System Security Suite Download & Tutorial. Unzip it to your desktop.Install the program. Don't use it yet.Download, install and UPDATE SpyBot Search & Destroy.Using Spybot - Search & Destroy to remove Spyware from Your Computer Download, install and update Spyware Blaster. Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware REBOOT into SafeMode by tapping F8 key repeatedly at bootup: Starting your computer in Safe modeRun AdAware, press the "Start" button, uncheck "Scan for negligible risk entries", select "Perform full system scan" and press "Next". Let AdAware remove anything it finds.Run SpyBot Search & Destroy and remove anything it finds.With all windows and browsers closed.Clean out temporary and Temporary Internet Files.A. Open System Security Suite.B. In the Items to Clear tab thick:- Internet Explorer (left pane): Cookies & Temporary files- My Computer (right pane): Temporary files & Recycle BinPress the Clear Selected Items button.Close the program.REBOOT normally. Run HijackThis! again and post a new log please.

Read other 8 answers
RELEVANCY SCORE 35.6

Hi All,I am facing Malware / Spyware problems for few days.Now my PC has stopped acting in a weird manner.I just heard about HijackThis and installed it, and ran it.I have uploaded My Log file.Couple of days before I even had scanned My PC from Trendmicro.com.It has shown some cookies.It also showed me some vulnerabilities, and referenced me to the following links:http://www.microsoft.com/technet/security/...n/MS04-028.mspxhttp://www.microsoft.com/technet/security/...n/MS04-027.mspxHoping to get some help from this forum.Thanks In Advacne.RegardsArif

A:Hijackthis Log. Is My Pc Infected

Welcome to the BleepingComputer HijackThis Logs and Analysis forum. My name is Richie and i'll be helping you to fix your problems.Apologies for the late response,as i'm sure you can appreciate we are absolutely snowed under with logs.If you still require help,please post a new Hijackthis log into your next reply.

Read other 1 answers
RELEVANCY SCORE 35.6

Hi guys here is my log post of Hijackthis. I believe my pc is infected some how. The performance is being affected because my CPU usage is running higher then normal (100%) a lot of the time. And my start up to windows runs slower then before. And yes I did check "Msconfig" to the "start up menu" to see if I didn't want any unwanted programs to start up and I'm good there.

Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:47:17 PM, on 3/21/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\Users\NightJay0044\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\NightJay0044\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
C:\Users\NightJay0044\AppData\Local\Temp\Rar$EX86.064\menuApp.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\AVG\AVG2012\av... Read more

A:Hijackthis (log) infected PC?

Problem solved! since no one wanted to reply...that's okay..I got it..

I went to "MSCONFIG" then disabled all processes and restarted as a clean volume boot and that made my pc run a lot faster no more at 100%..
 

Read other 1 answers
RELEVANCY SCORE 35.6

Hi All,Can you have a look at my Hijackthis log file, I have been working for days trying to eliminate this trojan or whatever it is. I have also been working with a couple of guys in another thread giving me great help. The hijackthis log I belive goes in here.other thead and logs incase needed.http://www.bleepingcomputer.com/forums/t/136144/im-infected-need-help-badly-please/RegardsMartinLogfile of Trend Micro HijackThis v2.0.2Scan saved at 15:10:50, on 15/03/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\DAEMON Tools Lite\daemon.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\ePad995\ePad995.exeC:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exeC:\Program Files\12Ghosts\12clip.exeC:\Program Files\Mozilla Firefox\fi... Read more

A:Hijackthis Log / Infected

Hi techi Sorry for the delay in answering your post.If you still need help could you please post back a new Hjt log.... things change so quickly and we need to see what's happening now.ThanksStarbuck

Read other 28 answers
RELEVANCY SCORE 35.6

Hi everyone! This is my first post here. I'd like for someone to look over this log and tell me if there's anything fishy going on, I was recently infected with Trojan-relayer-highport as spysweeper called it, and while I think it is gone I need to be sure. Thanks!!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:12:29 PM, on 11/12/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ULI5289\ALi5289.exeC:\Program Files\Ahead\ODD Toolkit\DVDTray.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\BroadJump\Client Foundation\CFD.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Java\jre1.5.0_08\bin\jusched.exeC:\WINDOWS\system32\WService.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\Documents and Settings\William Spradlin... Read more

A:Hijackthis Log- Not Sure If I'm Infected

Welcome to the BleepingComputer HijackThis Logs and Analysis forum paintmoonsred My name is Richie and i'll be helping you to fix your problems.Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This changed in 2006,read this article: http://www.clickz.com/news/article.php/3561546You are well advised to remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present,then restart your pc:ViewpointViewpoint ManagerViewpoint Media PlayerYour version of Sun Java is out of date.Older versions have vulnerabilities that malware can use to infect your system.Please follow these steps to remove older versions of Sun Java,and then update.1. Download the latest version of Java Runtime Environment (JRE)2. Scroll down to where it says 'Java Runtime Environment (JRE) 6 update 3'.3. Click the "Download" button to the right.4. Check the box that says: "Accept License Agreement".5. The page will refresh.6. Click on the link to download 'Windows Offline Installation, Multi-language' and save to your desktop.7. Close any programs you may have running - especially your web browser.8. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.10. Click the Change/Remove button.11.... Read more

Read other 10 answers
RELEVANCY SCORE 35.6

I did a A-Square Search and found a Bunch of Infected System Restore points so I deleted them I use Nod32 Anti-Virus 3.0.6.21 and Comode Firewall Pro v3...Am I infected?

Here is my log...

Logfile of HijackThis v1.99.1
Scan saved at 10:19:20 PM, on 1/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\PC Auto Shutdown\AutoShutdown.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bi... Read more

Read other answers
RELEVANCY SCORE 35.6

Definitely infected...Posting this then running all my usual scans and posting again. TY

Logfile of HijackThis v1.99.1
Scan saved at 4:57:03 PM, on 8/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\System32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\runservice.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\Logi_MwX.Exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINNT\wanmpsvc.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINNT\System32\rundll32.exe
C:\WINNT\System32\winlogon.exe
C:\WINNT\System32\HPZipm12.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System3... Read more

A:Infected, HiJackThis Log Need Help PLS

Read other 7 answers
RELEVANCY SCORE 35.6

my computer got a virus from a jump drive that I used on public computer.4 days ago, every time I turned on the computer, I got a virus warning.2 days ago I got a Trojan warning.and now I don't get any warning.So would you please check the hijackthis log for me?thank you very much.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 22:30:09, on 17/2/2552Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exeC:\Program Files\Intel\Wireless\Bin\Re... Read more

A:is it still infected? help with hijackthis log please

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Logfile of HijackThis v1.99.1
Scan saved at 6:23:52 PM, on 10/31/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Documents and Settings\Nathan Loosevelt\My Documents\filelib\lookimrudolph\Hijack this\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~1\NATHAN~1\MYDOCU~1\filelib\LOOKIM~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.E... Read more

A:Hijackthis log Am i infected?

Are you having some issues? Please explain if so. I don't see any malware in that log. HijackThis doesn't see everything out there these days....let's have you run an online scan and see if anything lurks.

Perform an online scan with Internet Explorer with

Kaspersky Online Scanner

Next Click on Launch Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:Scan using the following Anti-Virus database:
Standard
Scan Options:
Scan Archives
Scan Mail Bases

Click OK
Now under select a target to scan:Select My Computer

This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.Now click on the Save as Text button:

Save the file to your desktop.
Copy and paste that information in your next post.
Take note the names and locations of any file it detects but fails to clean.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

Read other 1 answers
RELEVANCY SCORE 35.6

i had just tried to do a memtest86, to test my ram but i couldnt get the test to run, so i left the cd in there and rebooted my comp and tried to do a windows memory test and it froze my computer and i found it frozen this morning after i hard-restarted it and it was booting fine (with the memtest86 cd still in) and then it goes to a black screen during boot up, b4 the windows log on screen saying, "boot actualkeylogger.exe" with a " / " spinning around at the end of the sentence, is this a virus? i am running windows 7 RC 7100. i have avg professional, ad-aware, malware bytes, and spybot, for my anti-virus. should i go into safe mode and perform a scan from there or what? and all of my antivirus software caught nothing i think ad-aware scan had caught the monitoring software prior to my original shutdown and was waiting for me to restart but im not sure if that is what caused it or not, so i decided the next best thing would be to create a hijackthis log and see if people, could help me figure out what is wrong

A:help with hijackthis log, am i infected?

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.*If you have since resolved the original problem you were having, we would appreciate you letting us know. *If not please perform the following steps below so we can have a look at the current condition of your machine. *If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.**If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. In order to be notified via email when your topic has a reply you need to enable topic notifications. To enable topic notifications you should do the following: 1. Click on the My C... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:41:52 PM, on 15/10/2010Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18865)Boot mode: NormalRunning processes:C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\DAEMON Tools Lite\daemon.exeC:\Program Files (x86)\Winamp\winampa.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exeC:\Program Files (x86)\AVG\AVG9\avgtray.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\CCleaner\CCleaner.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeC:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exeC:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exeC:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO1 - Hosts: ::1 localhostO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllO4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" M... Read more

A:New to Hijackthis am i infected?

Hello Camothy ,Sorry for the delay. If you still need help, please post a new DDS/HijackThis log and I'll be happy to look at it. Thanks,tea

Read other 2 answers
RELEVANCY SCORE 35.6

Hi, I am new to this forum and currently seeking help with my laptop. I have 68 processes running(which i believe is way too many that need to be running), also my computer seems to becoming more sluggish by the day. I have AdAware and AntiVir installed and they are both on a weekly schedule scan and they never find anything wrong. My main concern is 68 processes running, and maybe thats why my computer is running so slow. Logfile of Trend Micro HijackThis v2.0.4Scan saved at 6:12:03 PM, on 5/23/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v7.00 (7.00.6002.18005)Boot mode: NormalRunning processes:C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exeC:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeC:\Program Files (x86)\Java\jre6\bin\jusched.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\... Read more

A:HiJackThis Log -- I'm Infected, Please Help!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Hi,

Does my HJL looks clear?
thank you!

Logfile of HijackThis v1.98.2
Scan saved at 19.36.07, on 17/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\AVPersonal\AVGUARD.EXE
C:\Programmi\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programmi\AVPersonal\AVGNT.EXE
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Alessandro\Documenti\emule\emule.exe
C:\DOCUME~1\ALESSA~1\IMPOST~1\Temp\Rar$EX01.313\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webopedia.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\P... Read more

A:hijackthis log.... infected

Hi number,

Your log seems OK !
 

Read other 1 answers
RELEVANCY SCORE 35.6

Everyday my facebook and yahoo passwords keep changing. I have run AVG. Malwarebytes, and regdefense., But the problem keeps happening. I am running vista 64 and latest firefox. I scan with hijackthis, but am not experienced enough to understand what to look for or remove.

 hijackthis.log   10.31KB
  26 downloads
 hijackthis.log   10.31KB
  26 downloads

A:hijackthis log pc infected?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 35.6

Hi, i posted a thing earlier but my internet was turned off in the midle of implementing what i was told to do. So here i am again, with a messed up computer =(. My internet browser loads things REALLY slow, sometimes it give me the can't find server page that tells you to refresh, sometimes it re-directs me to another page that has absolutely nothing to do with what i'm doing. A lot of the times its a search engine I've never heard of. And i can't use hijack this anymore! it says the application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this. Which of course, doesn't. Please help!

A:I'm Seriously Infected But Can't Use Hijackthis

From Merjin's site:Why am I getting 'Unexpected error' about MSVBVM60.DLL? That link will explain about runtime libraries you need and also link you to a Microsoft download that will fix things. Hope this helps...rigel

Read other 3 answers
RELEVANCY SCORE 35.2

Here is my log. I ran an adaware scan and got tons of backdoor trojans and other types of trojans. 405 Critical objects. Here is my HijackThis log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:08:37 PM, on 1/8/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exeC:\WINDOWS\system32\cisvc.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\program files\common files\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\nvsvc32.exeC:\Program Files\SiteAdvisor\6253\SAService.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\System32\MsPMSPSv.exec:\PROGRA~1\mcafee.com\agent\mca... Read more

A:Infected With Trojans-hijackthis Log

Hi psilver50,I'm sorry it's taken so long for you to get a response to your post. If you still need help please do as follows:Download Deckard's System Scanner (DSS)Close all applications and windows.Double-click on dss.exe to run it, and follow the prompts.When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimizedMake sure Format->Word Wrap is uncheckedCopy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your replyOnce complete, please post both DSS logs, you won't need to produce a new HijackThis log as DSS produces one for you.

Read other 3 answers
RELEVANCY SCORE 35.2

Hi!Yesterday I noticed my computer was infected with the "XP Police Anitvirus" virus. My background change to red, green and blue squares and pop ups warned me of a possible intrusion.After scanning my harddrive with my Antivirus program (McAfee) serveral trojans were found. I tried to remove them all however I?m not so sure i succeeded in doing so. Moreover I?m no computer genius so I?m not too sure what more to do. I would like some help in figuring out if there are any trojans/viruses still in my computer. Below you have my HijackThis log.Any help is much appreciated!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:07:59, on 2009-02-05Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.6.0_07\bin\jusched.exe... Read more

A:Infected? Need help! HijackThis log included...

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post a fresh hjt log, please.

Read other 4 answers
RELEVANCY SCORE 35.2

Here's a hijackthis log, could anyone please check if my system is infected with anything ?Logfile of Trend Micro HijackThis v2.0.4Scan saved at 09:39:16, on 28.08.2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Programfiler\Alwil Software\Avast4\aswUpdSv.exeC:\Programfiler\Alwil Software\Avast4\ashServ.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Programfiler\ScanSoft\OmniPageSE4.0\OpwareSE4.exeC:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exeC:\Programfiler\iTunes\iTunesHelper.exeC:\WINDOWS\system32\ctfmon.exeC:\Programfiler\Fellesfiler\Nikon\Monitor\NkMonitor.exeC:\WINDOWS\system32\spoolsv.exeC:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\bgsvcgen.exeC:\Programfiler\Bonjour\mDNSResponder.exeC:\... Read more

A:Hijackthis log - Is my computer infected?

Hello henselva,Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Your using an old version of AVAST.The new Avast version 5.0 is now available.Uninstall the old version and download the new Avast version 5.0,Then run it let it remove anything it finds. ************Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt.Please post the contents of that document. ************Please download Malwarebytes' Anti-Malware from one of these places:http://download.cnet.com/Malwarebytes-Anti...&tag=buttonhttp://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/mbam/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Full Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is... Read more

Read other 2 answers
RELEVANCY SCORE 35.2

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:12:37 PM, on 8/12/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\utjcbctm.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\VsTskMgr.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\snmp.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Network Associates\VirusScan\SHSTAT.EXEC:\Program Files\Ahead\InCD\InCD.exeC:\WINDOWS\System32\ctfmon.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThi... Read more

A:Help : Hijackthis Log From My Infected Computer.

Welcome to the BleepingComputer HijackThis Logs and Analysis forum John99 My name is Richie and i'll be helping you to fix your problems.Download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Do NOT post the ComboFix-quarantined-files.txt unless I ask.Now go to: C:\Program Files\Trend Micro\HijackThis\HijackThis.exeRight click on Hijackthis.exe and select 'Rename', rename it to abc.batDouble click on abc.bat(which is still Hijackthis.exe),post that log into your next reply please.

Read other 4 answers
RELEVANCY SCORE 35.2

Hi all, and Thank You for being here. I'm getting ready to sell my computer, and I would like to be able to show a clean Hijackthis log to a potential buyer. I'm hoping I'm not infected, but who really knows unless you post. So, here's my hijack this log, I know there are a lot of people with real problems out there, and I apologize if anyone gets mad for me just posting for a clean one. I know time is valuable for all involved, so I really, really appreciate you all being here. Thanks again, wowie

Logfile of HijackThis v1.99.1
Scan saved at 8:50:31 AM, on 9/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\WINDOWS\LTMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Ba... Read more

A:Hijackthis help, hoping I'm not infected

That all looks fine...

Read other 2 answers
RELEVANCY SCORE 35.2

Logfile of HijackThis v1.99.1Scan saved at 8:17:26 PM, on 7/6/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton Internet Security\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\PROGRA~1\NORTON~3\NORTON~1\GHOSTS~2.EXEC:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\PROGRA~1\NORTON~3\SPEEDD~1\nopdb.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\wscntfy.... Read more

A:Please Take A Look At My Hijackthis Log I Think My Computer Might Be Infected

Nothing in the log

Read other 1 answers
RELEVANCY SCORE 35.2

Hi, this is a hijackthis log for my computer. I woke up this morning to find my normally super fast comp as slow as a snail. I think there is a virus. Please help
 hijackthis.log   12.04KB
  6 downloads

A:Hijackthis log - virus infected?

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 8 answers
RELEVANCY SCORE 35.2

I'm not sure how I got this, but I sure want to get rid of it.All I know is...I walked away from my computer earlier today.I came back, it had crashed and restarted itself.(But that isn't unusual for me, this thing crashes a lot.)I tried logging in. It took an unusually long time to log me in.When I finally got on, It wouldn't load my desktop icons or explorer.My icons loaded eventually, but still no explorer.I tried going to System Restore. But it says "System restore is unable to protect your computer. Please restart your computer and use System Restore again."So I got HijackThis and I ran a scan and loaded it in the auto-analyzer here: http://www.hijackthis.de/#anlI fixed all the entries that had red Xs.I ran a scan again, the items I fixed were back immediately.I tried restarting and scanning again multiple times.Same thing happened every time.How do I get rid of this nasty thing?Please help me!(removed the log)Also, I notice when I restart, before the desktop loads.I get a small popup saying "Loading personalized settings." or something.And it loads a svchost.exe file from a temp directory.Also, I have no internet at first.After a few minutes, I get an alert saying svchost.exe crashed, followed by four or so alerts saying Google Chrome crashed. (My default browser, but it wasn't even running.)After that happens, I get Internet access again.Is there anything I can do?edit again:I found the McAfee "Stinger" scanner.I have i... Read more

A:Infected computer (HijackThis log)

:s Sorry, I just noticed I posted this in the wrong section.

Read other 10 answers
RELEVANCY SCORE 35.2

Logfile of HijackThis v1.99.1
Scan saved at 2:26:05 PM, on 7/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:... Read more

A:Solved: Infected- Here is my hijackthis log

Read other 8 answers
RELEVANCY SCORE 35.2

I'm not sure if I'm infected, and my CPU usage randomly sky rockets and then goes back down in a blink of an eye. Below is my hijackthis log and I would love if someone took a look at it and told me what's the deal with my computer. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:23:01 PM, on 7/16/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Digital Media Reader\shwiconem.exeC:\Program Files\Intel Audio Studio\IntelAudioStudio.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\Program Files\Common Files\AOL\1136067889\ee\AOLSoftware.exeC:\PROGRA~1\Yahoo!\browser\ybrwicon.exeC:\Program Files\QuickTime\qttask.exeC:\PROGRA~1\Yahoo!\browser\ycommon.exeC:\PROGRA~1\Yahoo!\YOP\yop.exeC:\Program Files\i... Read more

A:Am I Infected? Hijackthis Log Included.

Hello sunnyskies,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

Read other 1 answers