1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

can you assess my hijack log file please.computer running slow

Discussion in 'Virus & Other Malware Removal' started by jimmoash, Nov 1, 2007.

Thread Status:
Not open for further replies.
  1. jimmoash

    jimmoash Thread Starter

    Joined:
    Nov 1, 2007
    Messages:
    1
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:15:28, on 01/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\AOL 9.0 VR\waol.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\wanmpsvc.exe
    c:\program files\common files\aol\1150044141\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    c:\program files\common files\aol\1150044141\ee\aolsoftware.exe
    C:\Program Files\AOL 9.0 VR\shellmon.exe
    C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.7.4.28/aces/aces-en_US.cab
    O16 - DPF: All-Star Football Challenge by pogo - http://game1.pogo.com/applet-6.7.4.35/allstarfb2/allstarfb2-en_US.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.7.2.33/blackjack/blackjack-en_US.cab
    O16 - DPF: Blackjack Carnival by pogo - http://game1.pogo.com/applet-6.7.3.30/vbjack2/vbjack2-en_US.cab
    O16 - DPF: Blooop by pogo - http://game1.pogo.com/applet-6.7.3.23/cascade/cascade-en_US.cab
    O16 - DPF: Bowling by pogo - http://game1.pogo.com/applet-6.8.2.23/bowling/bowling-en_US.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.8.2.23/canasta/canasta-en_US.cab
    O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.7.3.30/checkers2/checkers-en_US.cab
    O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.7.2.24/cribbage/cribbage-en_US.cab
    O16 - DPF: Dice City Roller by pogo - http://game1.pogo.com/applet-6.8.2.23/ytz/ytz-en_US.cab
    O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.7.2.33/domino/domino-en_US.cab
    O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.7.2.24/euchre/euchre-en_US.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.7.5.28/superbingo/superbingo-en_US.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.8.2.23/harvest/harvest-en_US.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.8.2.23/drawpoker/drawpoker-en_US.cab
    O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.7.3.23/pool2/pool-en_US.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.7.4.28/gin2/gin2-en_US.cab
    O16 - DPF: Lost Temple Poker by pogo - http://game1.pogo.com/applet-6.7.5.28/mhpoker/mhpoker-en_US.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.7.3.30/lottso/lottso-en_US.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.7.5.21/mahjong/mahjong-en_US.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.7.2.33/mlslots/mlslots-en_US.cab
    O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.8.2.23/penguins/penguins-en_US.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.7.4.28/waterwheel/waterwheel-en_US.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.8.3.22/flinger/flinger-en_US.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.7.3.23/poppit2/poppit2-en_US.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.7.3.23/hotstreak/hotstreak-en_US.cab
    O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.8.2.23/squares/squares-en_US.cab
    O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.7.2.33/ride/ride-en_US.cab
    O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.8.3.22/slots/showbiz2-en_US.cab
    O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-6.8.3.22/puck/puck-en_US.cab
    O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.7.3.30/stax/stax-en_US.cab
    O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.8.2.23/sweeper/sweeper-en_US.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.7.3.30/holdem/holdem-en_US.cab
    O16 - DPF: Turbo 21 v2 by pogo - http://game1.pogo.com/applet-6.7.4.28/turbo22/turbo22-en_US.cab
    O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.7.2.24/memories/memories-en_US.cab
    O16 - DPF: Word Craft by pogo - http://game1.pogo.com/applet-6.8.3.22/babble/babble-en_US.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179360189875
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 12369 bytes
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - assess hijack file
  1. genubi
    Replies:
    0
    Views:
    306
  2. bj nick
    Replies:
    0
    Views:
    687
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/646583

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice