Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Fixed] any1 with any knowledge on how to stop so many programs running

[Fixed] Hijackthis! Logs - [Fixed] any1 with any knowledge on how to stop so many programs running posted in the Security & Safety forums; Hi Rob, You did great! :afro: Run HijackThis again and fix these items. I think you may want to reinstall your BlueSoleil (wireless software). R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 2 of 3 < 1 2 3 >
  #8  
Old 10-08-2005
ladygreenwitch's Avatar
Administrator
  
Join Date: Jul 2005
Location: Bay Area California
Posts: 4,703
ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page
Default
Hi Rob,
You did great! :afro: Run HijackThis again and fix these items. I think you may want to reinstall your BlueSoleil (wireless software).

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ntlworld.com/broadband
O4 - Global Startup: BlueSoleil.lnk = ?
The backup is just incase, you never want to make changes to your registry without a backup.

If you have done everything on the list, including the defrag, your computer should be running more quickly, is it?

TTFN

T
  #9  
Old 10-08-2005
Bronze Member
  
Join Date: Oct 2005
Posts: 7
dualdot - See this Members User comments on their Profile page
Default
Hey man, sometimes I need to find what a certain process is so I you this little website. It's relly useful when you want to check only a few of your processes.
http://www.processlibrary.com/


__________________
Thanks for the help!
  #10  
Old 10-09-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 28
RobMatthews - See this Members User comments on their Profile page
Send a message via MSN to RobMatthews
Default
Right the BlueSoliel(Bluetooth) is built in to my Pc i have no cd to install again .. now it does actually work.. only when my Pc starts up i have a message "ERROR Please make sure MS Outlook 2k/XP is installed! " i havent a clue what to do with this ... also i defraged my Pc yesterday and all is well .. but it was running faster now its running slower wierd !! but before i think i have another problem i will run my Spy Sweeper and make sure things are clean 1st ..

and i had a look at the link dualdot left www.processlibrary.com

now when i put a search for winlogon.exe it more or less says its a VIRUS :mad:
and the same is for smss.exe it more or less says its a trojan :mad: and they were only a couple i checked ..
  #11  
Old 10-09-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,044
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Originally Posted by RobMatthews
now when i put a search for winlogon.exe it more or less says its a VIRUS :mad:
and the same is for smss.exe it more or less says its a trojan :mad: and they were only a couple i checked ..
Watch out with "working youre own log" , as you already found out if you dont know what you are doing it can be very tricky , contradicting and confusing. Its not recommended.

After you have run spysweeper can you also run ewido and then post the results?


Download [Ewido Security Suite]
  • Install Ewido Security Suite.
  • When installing, under Additional Options uncheck Install background guard and Install scan via context menu
  • Launch Ewido, there should be a big "E" icon on your desktop, double-click it.
  • The program will prompt you to update click the "OK" button
  • The program will now go to the main screen
  • You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
  • The update will start and a progress bar will show the updates being installed.*
  • After the updates are installed, exit ewido.
Once the updates are installed do the following:
  • If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
  • Reboot into Safe Mode, restart your computer, tap the F8* key. Use your up arrow key to highlight Safe Mode, then hit enter.
Close all open windows/programs/folders and then run Ewido.* Have nothing else open while ewido performs its scan!
  • Click on Scanner , Settings
  • Under "How to scan" all boxes should be selected
  • Under "Possibly unwanted software" all boxes should be selected
  • Under "What to scan" select scan every file
  • Click OK, Complete system scan
  • Let the program scan the machine
  • If ewido finds anything, it will pop up a notification.*
NOTE:* We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one.* If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged.* In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action.*

DO NOT check "Perform action with all infections."* If you are unsure of an entry, select "none" for the time being.* We will see that in the log when you post it later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report.

Click Save report. Save the report to your desktop, exit ewido


Note:

If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and run a new scan.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #12  
Old 10-29-2005
Bronze Member
  
Join Date: Jul 2005
Posts: 28
RobMatthews - See this Members User comments on their Profile page
Send a message via MSN to RobMatthews
Default
hi guys, sorry i havent posted back the results of the ewido scan,but everthing was working fine until yesterday when for some reason my latency playing Counter strike went sky high and wouldnt drop down,now its normally fine but its still bad today so i know i have problems,ive ran norton and spy sweeper and they seem to find nothing !!! the only thing i can think off which may have caused me some problems is a update for msn whick i did yesterday afternoon,now ive been scratching my head all day trying to fix my problems until i ran a hijackthis log in which i can see msn written alot in there now maybe this is the cause of my problems maybe not i dont know but ill leave an updated log here and for about the 50th time will someone take a look i dont mean to post so much but u've been very helpful before,and your my only help ive got

also if there is any1 who teaches people to use read hijackthis logs let me know plz

Logfile of HijackThis v1.99.1
Scan saved at 01:22:20, on 29/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Documents and Settings\Rob Matthews\Desktop\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/229?ad194f7c22461891f890accda6a04
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-gb\msntabres.dll/230?ad194f7c22461891f890accda6a04
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1084026504781
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
  #13  
Old 10-29-2005
ladygreenwitch's Avatar
Administrator
  
Join Date: Jul 2005
Location: Bay Area California
Posts: 4,703
ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page
Default
Hey There Rob,

Welcome back. Sorry to hear that you're having problems again. Give me a few minutes to read your HJT.

Regarding the learning to read HJT logs, boy have you asked the million dollar question. All you need to do is join the HijackThis! Bootcamp. It is self paced and a really well done program. When you graduate, you will know everything you need to know about HJT logs +++.

Here is the link. HijackThis! Bootcamp.

TTFN

T
  #14  
Old 10-29-2005
ladygreenwitch's Avatar
Administrator
  
Join Date: Jul 2005
Location: Bay Area California
Posts: 4,703
ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page
Default
Hey Rob,

I'm baaack! OK, it looks to me that you somehow installed the new MSN toolbar, it may have been bundled with the upgrade that you just did. It shouldn't be affecting your system the way you described, although I suppose that it could be conflicting with your massive Symantec suite. I would uninstall it.

Also, you may be having a conflict running both the Symantec suite and Spy Sweeper at the same time. I would choose one or the other of their sheilds.

Look forward to your reply,

TTFN

T

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 2 of 3 < 1 2 3 >

Bookmarks

« [Resolved] hijack this log, computer memory very low for no reason | [Resolved] my start page is blank even if i change it. help! »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 03:14 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top
Online Advertising
Join the free co-op advertising network and increase your traffic.

Credit Cards
Credit card comparison from the experts.

Myspace Background Generator
Generate Background Code for you Myspace Profile