| Thread ID: 113200 | 2010-10-09 08:08:00 | HiJackThis log....help please | powerover (12121) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1142963 | 2010-10-09 08:08:00 | computer is acting strangely lately...can't really tell what's wrong, but it just feels different, sometimes the mouse lags a bit, barely noticeable, other times game crashes, with the HDD light flashing with a pattern, etc etc. Here is the log, anything dodgy?? thanks for the help in advance :D
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:42 p.m., on 9/10/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 6182 bytes |
powerover (12121) | ||
| 1142964 | 2010-10-09 08:21:00 | You can tick these then tick "Fix checked". Close browsers. Or delete its entry in startup with CCleaner:
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe |
Speedy Gonzales (78) | ||
| 1142965 | 2010-10-09 08:31:00 | thanks speedy I knew u would be the first to reply :D will do so now. one thing is bothering me tho, what is with all the "file missing" stuff??? n u cnt find any nasty stuff there? what is causing the lags then?...um.... oh, and what is wrong with tea timer again?? thanks :D |
powerover (12121) | ||
| 1142966 | 2010-10-09 08:41:00 | If this is 64 bit, it's either not compat with HJT. Or it's a permission prob, why HJT thinks files are missing. They'll still be there. Teatimer, if it's in startup / running can block programs from installing / working properly. Everything else looks fine (there's not much else in the log for it to lag)! I know some mobo chipsets can make you lag. I had one, it was so bad it took 30 secs - 1 min+ for anything to move. In the end I biffed the mobo. It may be Sidebar, it can be a memory hog. It may pay to install some kind of AV program. Spybot won't protect you from everything |
Speedy Gonzales (78) | ||
| 1142967 | 2010-10-09 21:24:00 | "If this is 64 bit, it's either not compat with HJT. Or it's a permission prob, why HJT thinks files are missing. They'll still be there. Teatimer, if it's in startup / running can block programs from installing / working properly. Everything else looks fine (there's not much else in the log for it to lag)! I know some mobo chipsets can make you lag. I had one, it was so bad it took 30 secs - 1 min+ for anything to move. In the end I biffed the mobo. It may be Sidebar, it can be a memory hog. It may pay to install some kind of AV program. Spybot won't protect you from everything"
i dnt use any gadgets or anything (sidebar is a gadget right?), i try my best to keep everything lean and mean..... i have been going without AV for aaaaages, maybe im heavily infected....maybe thats whats causing the lags.. :P what is a good free AV again?? i liked the user interface of AVG but none of you guys like it..tried some others, dnt like any of them, then i jst gave up....:annoyed: oh and how did you learn how to read the logs??? it sort of kind of sort of makes sense to me, but i couldn't understand everything and knw what everything does.....:( thanks speedy :D |
powerover (12121) | ||
| 1142968 | 2010-10-09 22:12:00 | The log just shows a list of programs you've installed. If you know what they are, (and that you installed them) they're fine. The rest of the entries are usually services (for whatever programs), and Windows. And the BHO entries are installed (usually by programs you install, like toolbars). Altho, some spyware / malware may also install them. And the startup entries are from programs you install (and by malware). It's the startup entries you have to watch / be careful of, if it's malware / trojans etc. Because once the file for it runs, it can cause damage. If you're not sure what a file is (in startup), you check Google :p |
Speedy Gonzales (78) | ||
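An added example, not part of the thread and not HijackThis code: a Python triage of the posted log that pulls out the autostart and BHO entries the reply above says to watch, and sets aside the System32 "(file missing)" services, which a 32-bit scanner such as HijackThis 2.0.4 reports on 64-bit Windows because its System32 accesses are redirected to SysWOW64. The function names and the `Program Files (x86)` 64-bit heuristic are assumptions made here.

```python
import re

# HijackThis section codes that appear in the log posted in this thread.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "F2": "autostart from ini file / registry", "O2": "Browser Helper Object",
    "O4": "autostart (Run key)", "O9": "IE extra button / menu item",
    "O23": "Windows service",
}
AUTORUN = {"F2", "O2", "O4"}  # entries whose file is loaded automatically
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# A subset of lines copied from the log in the first post.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
"""

def looks_64bit(log):
    # Assumption: a "Program Files (x86)" path only exists on 64-bit Windows.
    return "Program Files (x86)" in log

def parse(log):
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # header and process lines carry no section code and are skipped
            code, text = m.groups()
            entries.append({"code": code, "kind": SECTIONS.get(code, "unknown"),
                            "text": text, "missing": text.endswith("(file missing)")})
    return entries

def triage(entries, is_64bit):
    review, artifacts = [], []
    for e in entries:
        in_sys32 = "\\system32\\" in e["text"].lower()
        if e["missing"] and is_64bit and in_sys32:
            artifacts.append(e)   # likely redirection artifact, not a deleted file
        elif e["code"] in AUTORUN or e["missing"]:
            review.append(e)      # look these up before ticking "Fix checked"
    return review, artifacts

if __name__ == "__main__":
    review, artifacts = triage(parse(SAMPLE_LOG), looks_64bit(SAMPLE_LOG))
    for e in review:
        print("REVIEW", e["code"], e["kind"], "|", e["text"])
    print(len(artifacts), "System32 '(file missing)' entries set aside")
```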
| 1142969 | 2010-10-10 00:19:00 | MSI Afterburner... Could it be overclocking that makes the system unstable? Just wondering. |
LynX (14542) | ||
| 1142970 | 2010-10-10 00:22:00 | It can I suppose. I don't know what that does, so didn't know it can let you overclock | Speedy Gonzales (78) | ||
| 1142971 | 2010-10-10 00:36:00 | The name got my attention. event.msi.com It's a graphics overclocker, though. Also, I've been fooling around with EasyTune on my P4 1.8G computer, and at one time it felt like running XP on a calculator: you can't even call it "lag" because it's more like a slideshow, at 1 frame per second. But that's a bit extreme, though... Anyway, have you opened HJT "as administrator"? |
LynX (14542) | ||
| 1142972 | 2010-10-10 02:09:00 | "The log just shows a list of programs you've installed. If you know what they are, (and that you installed them) they're fine. The rest of the entries are usually services (for whatever programs), and Windows. And the BHO entries are installed (usually by programs you install, like toolbars). Altho, some spyware / malware may also install them. And the startup entries are from programs you install (and by malware). It's the startup entries you have to watch / be careful of, if it's malware / trojans etc. Because once the file for it runs, it can cause damage. If you're not sure what a file is (in startup), you check Google :p"
oh.... not too difficult to understand after all... thnks speedy. :D |
powerover (12121) | ||