TechSpot

[Inactive] Hijack This postingexcessive lag,computer issues...mywebsearch issues.

By lmwamh
Mar 16, 2010
  1. Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 2:35:45 PM, on 3/16/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\wscntfy.exe
    D:\Program Files\Java\jre6\bin\jusched.exe
    D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    D:\WINDOWS\system32\rundll32.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    D:\WINDOWS\SOUNDMAN.EXE
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Registry Mechanic\RegMech.exe
    D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    D:\Program Files\Java\jre6\bin\jucheck.exe
    D:\WINDOWS\System32\msiexec.exe
    D:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryMechanic] D:\Program Files\Registry Mechanic\RegMech.exe /H
    O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - D:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246822901218
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1253204732718
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 5096 bytes


    The computer used to be able to hold its own but now it is rather laggy for certain things. Not only this but the display has gone from Windows Xp to Windows 95 and I can't seem to find the Windows Xp visuals. It seems like they have been either removed or moved somewhere where I don't have access to them. It is getting rather annoying to see this old plain gray screen, but my primary concern is to keep the computer from lagging.


    I've also had an issue several times upon booting where the explorer.exe process wouldn't run and I would manually have to create it.

    Any help I could receive would be greatly appreciated. Thank you for your time =).
     
  2. Broni

    Broni Malware Annihilator Posts: 47,668   +267

  3. sushibandito2

    sushibandito2 TS Rookie

    hijackthis log, please check!

    Hey guys, I need some help with a friend's computer.
    I ran a system restore and created a hijackthis log.

    please check it as soon as possible and get back to me!

    Cheers,
    Steve
     

    Attached Files:

  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    sushibandito2, please start your own thread. Describe the problem and follow the Preliminary Virus and Malware Removal steps HERE.

    When finished, attach the logs to your reply and we'll review them.
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Closed due to lack of activity.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.