Go Back   Cyber Tech Help Support Forums > Software > Malware Removal
Reload this Page HELP going fast about to crassh
Register FAQ Calendar Today's Active Topics Search

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Closed Topic
 
Topic Tools
  #1  
Old November 4th, 2006, 05:14 AM
charlottswebb charlottswebb is offline
New Member
  
Join Date: Jan 2005
O/S: Windows XP Pro
Location: New York
Posts: 8
Exclamation HELP going fast about to crassh


My pc has a little over 400 mgs of space I've tried to defrag and the more I delect things the less space I have available. I was told it maybe hijacked I have no idea. Your help would be greatly appreciated.


Logfile of HijackThis v1.99.1
Scan saved at 9:41:22 PM, on 11/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\LEXBCES.EXE
F:\WINDOWS\system32\LEXPPS.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Command Software\dvpapi.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\WINDOWS\system32\pctspk.exe
F:\WINDOWS\System32\HPZipm12.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
F:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Zero Knowledge\Freedom\Freedom.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
F:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
F:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - F:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: Nick Aracde Toolbar - {4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} - F:\PROGRA~1\NICKAR~1\NICKAR~1.DLL
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - F:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Nick Aracde Toolbar - {4E7BD74F-2B8D-469E-9EB4-FE6FA694B13E} - F:\PROGRA~1\NICKAR~1\NICKAR~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [DSS] F:\WINDOWS\BBStore\DSS\dssagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "F:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Creative WebCam Tray] F:\Program Files\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "F:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] F:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVCOMS] F:\WINDOWS\system32\LVCOMS.EXE
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Freedom] F:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "F:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [swg] F:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\Go ogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &Yahoo! Search - file:///F:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///F:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///F:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///F:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {55A548B3-AFA8-41E3-8057-FD24931C6388} (FXExec Control) - http://216.87.37.188/app/FXCtrl.cab
O16 - DPF: {613E4C32-2100-4F57-BF9F-CCF26DF9BB4C} - https://www.movielink.com/store/web/...gerInstall.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1134959603410
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1134959595068
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O20 - Winlogon Notify: WgaLogon - F:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - F:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - F:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - F:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - F:\WINDOWS\System32\HPZipm12.exe
  #2  
Old November 4th, 2006, 06:07 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
Duplicate thread - see here.
Closed Topic

Bookmarks

« Previous Topic | Next Topic »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
MY CPU FAN ROTATING FAST and FAST avrserver Hardware 7 February 24th, 2009 05:16 AM
Everything is fast but? pops1890 Windows XP 3 July 16th, 2008 10:00 PM
Help Fast!!! Desire Malware Removal 1 November 4th, 2006 03:00 AM
need help fast 30111987 Web Development & Graphic Design 3 October 20th, 2005 08:36 AM


All times are GMT +1. The time now is 06:28 PM.