Home > Hjt Log > HJT Log - Help Greatly Appreciated

HJT Log - Help Greatly Appreciated

Thanks so much- Jeff D mudflap02View Public ProfileSend a private message to mudflap02Find all posts by mudflap02Add mudflap02 to Your Buddy List #2 Today, 11:29 PM mudflap02 New Member Join Date: The forum is run by volunteers who donate their time and expertise. Reports: · Posted 5 years ago Top bushchr1 Posts: 3 This post has been reported. Thank you for helping us maintain CNET's great community. More about the author

Page 1 of 2 1 2 > Topic Tools #1 March 7th, 2008, 12:32 AM mudflap02 Senior Member Join Date: Aug 2005 Location: Baltimore, MD USA Age: NB Please disable your antivirus program as it may interfere with ComboFix's routines. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : Network TAG : 0 DISPLAY_NAME : COM+ Event System DEPENDENCIES : RPCSS Let me know all is ok DFW MRU Honors Grad Emeritus Posts: 3229Joined: September 28th, 2006, 12:23 pmLocation: UK Top Re: HijackThis Log - Help greatly appreciated by Revan77 » http://www.bleepingcomputer.com/forums/t/36297/hjt-log-help-greatly-appreciated/

or read our Welcome Guide to learn how to use this site. Click here to join today! ComboFix will now run a scan on your system.

Now put a tick by Standard File Kill. Under W7 you have RESOURCE MANAGER as well (from the Task Manager) to see more. Now please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: Code: Select all First be sure you are signed in as a user with administrative privileges:Stop and Disable the DNS Client ServiceGo to Start, Run and type Services.msc and click OK.

If this service is stopped, this computer will be unable to read smart cards. A new version of Hijack This has been released so get rid of the old one and Click here to download the new one, come back here and post the log If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). http://www.cybertechhelp.com/forums/showthread.php?t=177354 Please re-enable javascript to access full functionality.

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k imgsvc LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Image Acquisition (WIA) DEPENDENCIES : RpcSs TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\services.exe LOAD_ORDER_GROUP : PlugPlay TAG : 0 DISPLAY_NAME : Plug and Play DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: If this service is stopped, Help and Support Center will be unavailable. Recently my computer has been running much slower, and I have had problems using the internet at times.

This is a good time to clear your existing system restore points and establish a new clean restore point on all drives: Go to Start > All Programs > Accessories > This is normal. Preview post Submit post Cancel post You are reporting the following post: HijackThis Log This post has been flagged and will be reviewed by our staff. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Internet Connection Firewall (ICF) / Internet Connection Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! RSS ALL ARTICLES FEATURES ONLY TRIVIA Search The How-To Geek Forums Have Migrated to Discourse How-To Geek Forums / Windows 7 Computer running very slowly- Hijackthis log help (7 posts) TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\msdtc.exe LOAD_ORDER_GROUP : MS Transactions TAG : 0 DISPLAY_NAME : Distributed Transaction Coordinator DEPENDENCIES : RPCSS :

Network Magic Wireless Driver (03/23/2007 4.1.7082.0) --> rundll32.exe C:\PROGRA~1\DIFX\B7A8D76A63BBE060C656AA54D656BF7D1 C31D4C3\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\purendis_9DF8D460DEEF 667AF7B1AA85404140673EC025C2\purendis.inf Windows Easy Transfer --> "C:\WINDOWS\$NtUninstallWETCable$\spuninst\spunins t.exe" Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe " Windows Media Format 11 runtime --> I would greatly appreciate any help as to what it is that I need to fix out of this. Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast!

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 4 DISABLED ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Messenger DEPENDENCIES : LanmanWorkstation : NetBIOS : post your log in one of the following forums:http://www.computercops.biz/http://forums.spywareinfo.com/thanks. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur.

Also HERE in case you can't get into the other page.

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Yahoo! TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\imapi.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : IMAPI CD-Burning COM Service DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: Doubleclick on combofix.exe and follow the prompts. AnnMarie View Public Profile Find all posts by AnnMarie #8 March 7th, 2008, 05:12 PM mudflap02 Senior Member Join Date: Aug 2005 Location: Baltimore, MD USA Age: 36

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Help and Support DEPENDENCIES : RPCSS SERVICE_START_NAME: scanning hidden autostart entries ... If you are prompted to Reboot during the cleanup, select Yes. TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\fxssvc.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Fax DEPENDENCIES : TapiSrv : RpcSs : PlugPlay :

If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. If this service is stopped, software-based volume shadow copies cannot be managed. Reports: · Posted 5 years ago Top ispalten Posts: 6259 This post has been reported.

TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\ups.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Uninterruptible Power Supply DEPENDENCIES : SERVICE_START_NAME: NT AUTHORITY\LocalService SERVICE_NAME: If this service is disabled, any services that explicitly depend on it will fail to start. It is a very effective defense system.If you are part fo a business network, if you are on AOL, or if you use Norton to scan e-mail, be sure to read TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Server DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: lanmanworkstation

Flag Permalink This was helpful (0) Back to Spyware, Viruses, & Security forum 2 total posts Popular Forums icon Computer Help 51,912 discussions icon Computer Newbies 10,498 discussions icon Laptops 20,411 When it finishes, also in the left pane, click Replace, and then Save.You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.If you TYPE : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : SchedulerGroup TAG : 0 DISPLAY_NAME : Task Scheduler DEPENDENCIES : RpcSs UpdatesDisableNotify is set. [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL" "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL" "C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL" [HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List] "%windir%\\system32\\sessmgr.exe"="%windir%\\syste m32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program

A notepad will open up. Login (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! I'd also try this, http://www.sevenforums.com/cra.....onfig.html and see if it helps. Member site: UNITE Against Malware Board index Powered by phpBB Forum Software © phpBB Group Style designed by Artodia.

Change the Files of type to Text file (.txt) before clicking on the Save button.Please post this log in your next reply.Please post backA new Hijackthis LogOnline Scan report DFW MRU Anyway, thanks ahead of time, and I hope it's not too much of a bother. The Temp folder will open.