HiJack this log what do i do with it Help Needed

  Johny C 02:56 01 Sep 2004
Locked

Hi All

I have checked my computer for spyware and adware and everything has been deleted what was on there. I have been advised to run hijack this and delete from there.

I really dont know which entries to delete, can any one help me please

Thanks in advance...........John

  temp003 07:03 01 Sep 2004

Tell us what your problem is, or if there is a previous thread, give us a link to that thread.

On Hijack This, after the Scan, click Save Log. Save it somewhere you can remember. Then Copy and Paste the contents of the log here (in 2 parts - because it will exceed the word limit). Paste the log here in 2 posts. Someone may be able to help.

  accord 07:21 01 Sep 2004

I ran HijacThis last week and i had to create about 4 threads to get all the info on. VoG helped me out no end.

click here

  Johny C 07:54 01 Sep 2004

Logfile of HijackThis v1.97.7
Scan saved at 07:46:17, on 01/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Paltalk\pnetaware.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
C:\Program Files\Google\ggviewer81-80.exe
C:\Program Files\Avant Browser\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\Program Files\TypeItIn\TypeItIn.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Opera75\opera.exe
H:\Shared\(D) Software\Hijack This\HijackThis.exe

  Johny C 07:55 01 Sep 2004

Logfile of HijackThis v1.97.7
Scan saved at 07:46:17, on 01/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\PestPatrol\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Paltalk\pnetaware.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\BT Broadband\Help\bin\mpbtn.exe
C:\Program Files\Google\ggviewer81-80.exe
C:\Program Files\Avant Browser\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\Program Files\TypeItIn\TypeItIn.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Opera75\opera.exe
H:\Shared\(D) Software\Hijack This\HijackThis.exe

  Johny C 08:02 01 Sep 2004

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click here
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = click here
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\John\Application Data\Mozilla\Profiles\default\o6mte60r.slt\prefs.js)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WinPatrol] "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [FreeRAM XP] "H:\Shared\(K) Software\FreeRAM XP\FreeRAM XP Pro 1.40.exe" -win
O4 - HKCU\..\Run: [SmartBarXP] C:\Program Files\SmartBarXP BETA4.9\SmartBarXP.exe
O4 - Startup: PalNetaware.lnk = C:\Program Files\Paltalk\pnetaware.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: TypeItIn.lnk = C:\Program Files\TypeItIn\TypeItIn.exe

  Johny C 08:03 01 Sep 2004

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O16 - DPF: ppctlcab - click here
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - click here
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - click here
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - click here
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - click here
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - click here
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - click here
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - click here
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - click here
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - click here
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E905E4B-30DA-4B89-8269-608D70A3AD85}: NameServer = 194.74.65.68 194.72.9.39
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E905E4B-30DA-4B89-8269-608D70A3AD85}: NameServer = 194.74.65.68 194.72.9.39

  Johny C 08:06 01 Sep 2004

ive been plagued with spyware/adware/virus etc and i just wonder if anything might be left over running on my Pc. i seem to have a lot of programs running at startup.

Apologies for the log being on 3 seperate posts only i kept getting error messages and the only way i could post was to seperate the log

hope this helps

Cheers John

  Nellie2 11:14 01 Sep 2004

Hi Johny C... I've looked over your log and there is nothing in there that worrries me. You have done a good clean up job there.

You do have a lot of programs running at startup, have a look click here and maybe you can get that list cut down a little! :)

  Johny C 22:11 01 Sep 2004

Thanks for that Nellie2

I will have a look at that site and see if i can stop some programs from starting up.

for some reason my PC is fairly slow and it was only formatted again the other week, so i will try and managed the processes running to see if it will speed up any

Cheers for looking at the hijack log, I'm pleased that there a no nasties in there

  temp003 07:41 02 Sep 2004

You seem to have both ATI and nVidia graphics related processes running (unless one of them is not graphics related?)

You also seem to have virtually all the major web browsers, all the major instant messaging programs, and quite a few spyware detectors/guards installed. Are they all necessary? Even if you want to keep them, you don't need all of them to run at startup.

You probably don't need the Creative updreg.exe to run. Nor the Java update.

Try Mike Lin's Startup Control Panel click here to manage your startup items.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5 review

50 best online Adobe XD tutorials

iPad Pro 10.5in (2017) review

Comment connecter un MacBook à une TV ?