|
Posted by =?Utf-8?B?TGVzbGllNDI0NQ==?= on June 28, 2006, 8:32 pm
If you were Registered and logged in, you could reply and use other advanced thread options
The other day, OuterInfo loaded itself onto my computer. I think I managed
to remove most of it, but there are still a lot of problems. I ran
HijackThis and got a log of what is going on with my computer because it is
still having trouble and running very slowly. It is running 89 processes at
100% CPU usage! Can anyone advise me of what to delete and what programs are
spyware?
THANK YOU!
Logfile of HijackThis v1.99.1
QUOTE
Scan saved at 7:09:00 PM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\SYSTEM32
Hosts file: C:\WINDOWS\System32\drivers\etc\hosts
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\spss_lmd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\progra~1\yahoo!\YCentral\YahooCentral.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\WINDOWS\system32\DllHost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Common Files\STOPzilla!\SZServer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\TEMP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar -
- C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - -
C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (filesize 439872
bytes, MD5 B2217B49328CB84C421FBBE9079D9AA7)
O2 - BHO: Adobe PDF Reader Link Helper -
- C:\Program Files\Adobe\Acrobat
7.0\ActiveX\AcroIEHelper.dll (filesize 63128 bytes, MD5
F17B2B264072B921FC66A0BE16626BAB)
O2 - BHO: (no name) - -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll (filesize 853672 bytes, MD5
250D787A5712D7768DDC133B3E477759)
O2 - BHO: Yahoo! IE Services Button -
- C:\Program Files\Yahoo!\Common\yiesrvc.dll (filesize 181752 bytes, MD5
90AAE04C4C2F05981FB7BF24E70AC0AA)
O2 - BHO: DriveLetterAccess - -
C:\WINDOWS\system32\dla\tfswshx.dll (filesize 118842 bytes, MD5
E1FBDCF1BB4DFEDCC0A7A86B5EFF9B18)
O2 - BHO: WsftpBrowserHelper Class -
- C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll (filesize 118830 bytes,
MD5 730A5CE724DA79225AFDCF33F90043B2)
O2 - BHO: SSVHelper Class - -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5
F01726F7CA8538FDD4663C9DB8FEAEDC)
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
- C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll (filesize 231160 bytes, MD5
6A95C44FFF0AFE30351CBC92CF327924)
O2 - BHO: STOPzilla Browser Helper Object -
- C:\Program
Files\STOPzilla!\SZIEBHO.dll (filesize 143360 bytes, MD5
97C21F7BA11DEA3C5A4F3FBCC0834C6A)
O3 - Toolbar: Adobe PDF - -
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (filesize
231160 bytes, MD5 6A95C44FFF0AFE30351CBC92CF327924)
O3 - Toolbar: SciFinder Scholar Bar -
- mscoree.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - -
C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (filesize 439872
bytes, MD5 B2217B49328CB84C421FBBE9079D9AA7)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program
Files\Synaptics\SynTP\SynTPLpr.exeC:\Program
Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exeC:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program
Files\ThinkPad\Utilities\TpKmapAp.exe -helper (filesize 864256 bytes, MD5
3F49D8DAFE6E2218949FC81C9D123DEF)
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe (filesize 86016 bytes, MD5
1210C7702AE0BCA385F9EAAE731DE1FE)
O4 - HKLM\..\Run: [TPHOTKEY]
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exeC:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe (filesize 40960 bytes, MD5
0CE90453E3CBDDD79A3D38F3EB260704)
O4 - HKLM\..\Run: [EZEJMNAP]
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.ExeC:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exeC:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32
C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
Devices\SoundMAX\SMax4PNP.exeC:\Program Files\Analog
Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog
Devices\SoundMAX\Smax4.exe /tray (filesize 860160 bytes, MD5
38818B6E7E273C45E1A419661F164B72)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe" (filesize 66680 bytes, MD5 371D2FA0DFEB9767B3CC7CAE1AB21A5A)
O4 - HKLM\..\Run: [vptray]
C:\PROGRA~1\SYMANT~1\VPTray.exeC:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32 (filesize 208952 bytes, MD5
7BBE4CF421AECC7F0226EDD75F12079F)
O4 - HKLM\..\Run: [IMEKRMIG6.1]
C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXEC:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
/SYNC (filesize 59392 bytes, MD5 1B17E09C1223F6D17336D2DD7A1AF4F4)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent (filesize 33280 bytes, MD5
DA285490BBD8A1D0CE6623577D5BA1FF)
O4 - HKLM\..\Run: [CJIMETIPSYNC] C:\Program Files\Common Files\Microsoft
Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync (filesize 63040 bytes,
MD5 7E36047C8A76BC50F38E2D83FA9F09DD)
O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft
Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync (filesize 95296 bytes,
MD5 B37D80E04823496C8E3B6067B9952C7D)
O4 - HKLM\..\Run: [CoolSwitch]
C:\WINDOWS\system32\taskswitch.exeC:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat
7.0\Distillr\Acrotray.exe" (filesize 483328 bytes, MD5
78FF388FD58CE0BAE1F7C9670F5473C1)
O4 - HKLM\..\Run: [BLOG] rundll32
C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TPKBDLED]
C:\WINDOWS\system32\TpScrLk.exeC:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control
Panel\atiptaxx.exe" (filesize 344064 bytes, MD5
190C10B86668D097B81DC9F25929B159)
O4 - HKLM\..\Run: [ACTray] C:\Program
Files\ThinkPad\ConnectUtilities\ACTray.exeC:\Program
Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program
Files\ThinkPad\ConnectUtilities\ACWLIcon.exeC:\Program
Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime (filesize 155648 bytes, MD5 C74C7963EEC07AF49DCE44D64819B2BF)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
Defender\MSASCui.exe" -hide (filesize 1420560 bytes, MD5
81AA8BA06A824E637E2BA290D4FA9E3E)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
(filesize 278528 bytes, MD5 8778072A594E1310C0B7D0A93771E8BD)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program
Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [YCentral]
c:\progra~1\yahoo!\YCentral\YahooCentral.exec:\progra~1\yahoo!\YCentral\YahooCentral.exe
O4 - HKLM\..\Run: [IMJPMIG9.0] "C:\Program Files\Common Files\Microsoft
Shared\IME\IMJP9\imjprmzb.exe" /RmZombie (filesize 34504 bytes, MD5
337CE4D4F2C403154F29069E771C5EFC)
O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe
/autostart (filesize 61440 bytes, MD5 80AE38B256FA4E76E877B91FBAEC4087)
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash
/minimized (filesize 18577448 bytes, MD5 9BB317F9AAD3AEFBA0C5C70B03C354FF)
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM
XP Pro\FreeRAM XP Pro.exe" -win (filesize 1591808 bytes, MD5
667F078955A93FE382F74D5F109DFE31)
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE"
-quiet (filesize 4538368 bytes, MD5 2907A6359BEC6E2EB0BC1596885DA8E7)
O4 - HKCU\..\RunOnce: [ypagerps] cmd.exe /C del "C:\Program
Files\Yahoo!\Messenger\ypagerps.dll"
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo!
Widget Engine\YahooWidgetEngine.exe (filesize 1806336 bytes, MD5
7515DC58C1296AD6CED6327DBB432E7D)
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://C:\Program Files\Adobe\Acrobat
7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program
Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program
Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program
Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm (filesize 1320 bytes, MD5
5D7E8FB2BA9FA192C3846A0DF1699FD1)
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program
Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5
F01726F7CA8538FDD4663C9DB8FEAEDC)
O9 - Extra 'Tools' menuitem: Sun Java Console -
- C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5
F01726F7CA8538FDD4663C9DB8FEAEDC)
O9 - Extra button: Yahoo! Services -
- C:\Program Files\Yahoo!\Common\yiesrvc.dll (filesize 181752 bytes, MD5
90AAE04C4C2F05981FB7BF24E70AC0AA)
O9 - Extra button: Research - -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (filesize 40512 bytes, MD5
0FA0BDAA2FF4ED7E5A2FA2EC1B536712)
O9 - Extra button: @btrez.dll,-4015 -
- C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm (filesize 2681
bytes, MD5 E0DAFE406143123E6DE12FA111F53B24)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
- C:\Program Files\IBM\Bluetooth
Software\btsendto_ie.htm (filesize 2681 bytes, MD5
E0DAFE406143123E6DE12FA111F53B24)
O9 - Extra button: Software Installer -
- C:\Program
Files\ThinkPad\PkgMgr\PkgMgr.exe (filesize 1368064 bytes, MD5
37A906FB15501CD42BD798D912FC4BC4)
O9 - Extra button: Messenger - -
C:\Program Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5
74E6E96C6F0E2ECA4EDBB7F7A468F259)
O9 - Extra 'Tools' menuitem: Windows Messenger -
- C:\Program
Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5
74E6E96C6F0E2ECA4EDBB7F7A468F259)
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .cdx: C:\Program Files\Internet
Explorer\plugins\Npcdn32.dll (filesize 4342648 bytes, MD5
7580F903EED3492D8ADB318E7A1FED81)
O12 - Plugin for .NPSSView: C:\Program Files\Seagate
Software\Viewers\ActiveXViewer\NPssView.dll (filesize 86016 bytes, MD5
1853A4227080B04525C6E57CDD121488)
O16 - DPF: (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: (Snapfish Activia) -
http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: (Facebook Photo Uploader
Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: (Housecall ActiveX 6.5) -
http://us-housecall.trendmicro-europe.com/...ivex/hcImpl.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = deacnet.wfu.edu
O17 - HKLM\Software\..\Telephony: DomainName = deacnet.wfu.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = deacnet.wfu.edu
O18 - Protocol: widimg - -
C:\WINDOWS\system32\btxppanel.dll (filesize 110592 bytes, MD5
81609C82CC898BB88B099F3D95FC309D)
O20 - AppInit_DLLs: KATRACK.DLL C:\WINDOWS\system32\wmfhotfix.dll
C:\WINDOWS\system32\spoolsv.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: NavLogon -
C:\WINDOWS\system32\NavLogon.dllC:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: tpfnf2 -
C:\WINDOWS\SYSTEM32\notifyf2.dllC:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey -
C:\WINDOWS\SYSTEM32\tphklock.dllC:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dllC:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - -
C:\WINDOWS\system32\WPDShServiceObj.dll (filesize 52224 bytes, MD5
8F9A244A9E6D7C3566C9C6B064D8767C)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner -
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exeC:\Program
Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner -
C:\WINDOWS\system32\acs.exeC:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program
Files\ThinkPad\ConnectUtilities\AcSvc.exeC:\Program
Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation -
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exeC:\Program
Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program
Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\ccPwdSvc.exeC:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program
Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc.
- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Cisco
Systems\VPN Client\cvpnd.exe
O23 - Service: DeaconAlertsSvc - - c:\program
files\deaconalerts\deaconalertsservice.exec:\program
files\deaconalerts\deaconalertsservice.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec
Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program
Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\EvtEng.exeC:\Program
Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s.
- C:\Program Files\ewido anti-spyware 4.0\guard.exeC:\Program Files\ewido
anti-spyware 4.0\guard.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner -
C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\Intel
32\IDriverT.exeC:\Program Files\Common Files\InstallShield\Driver\Intel
32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exeC:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program
Files\Common Files\Macromedia Shared\Service\Macromedia
Licensing.exeC:\Program Files\Common Files\Macromedia
Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP -
C:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program
Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel
Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program
Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec
AntiVirus\SavRoam.exeC:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -
Analog Devices, Inc. - C:\Program Files\Analog
Devices\SoundMAX\SMAgent.exeC:\Program Files\Analog
Devices\SoundMAX\SMAgent.exe
O23 - Service: Spss License Manager (SpssLM) - Unknown owner -
C:\WINDOWS\system32\spss_lmd.exeC:\WINDOWS\system32\spss_lmd.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program
Files\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Symantec
AntiVirus\Rtvscan.exe
O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program
Files\Common Files\STOPzilla!\SZServer.exeC:\Program Files\Common
Files\STOPzilla!\SZServer.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. -
C:\WINDOWS\System32\TPHDEXLG.EXEC:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner -
C:\WINDOWS\system32\TpKmpSVC.exeC:\WINDOWS\system32\TpKmpSVC.exe
|
|
Posted by Tom Willett on June 28, 2006, 8:48 pm
If you were Registered and logged in, you could reply and use other advanced thread options
You will undoubtably get many negative responses for posting your log in the
wrong place.
> The other day, OuterInfo loaded itself onto my computer. I think I
> managed
> to remove most of it, but there are still a lot of problems. I ran
> HijackThis and got a log of what is going on with my computer because it
> is
> still having trouble and running very slowly. It is running 89 processes
> at
> 100% CPU usage! Can anyone advise me of what to delete and what programs
> are
> spyware?
> THANK YOU!
>
>
|
|
Posted by =?Utf-8?B?TGVzbGllNDI0NQ==?= on June 28, 2006, 9:14 pm
If you were Registered and logged in, you could reply and use other advanced thread options
someone direct me to the proper location for this?
"Tom Willett" wrote:
> You will undoubtably get many negative responses for posting your log in the
> wrong place.
>
> > The other day, OuterInfo loaded itself onto my computer. I think I
> > managed
> > to remove most of it, but there are still a lot of problems. I ran
> > HijackThis and got a log of what is going on with my computer because it
> > is
> > still having trouble and running very slowly. It is running 89 processes
> > at
> > 100% CPU usage! Can anyone advise me of what to delete and what programs
> > are
> > spyware?
> > THANK YOU!
> >
> >
>
>
>
|
|
Posted by Malke on June 28, 2006, 10:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I'm very sorry...I didn't realize I put this in the wrong place.
> Could someone direct me to the proper location for this?
Sure, here are some links to specialty forums where you can post your
HijackThis log (listed in no particular order):
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42 -
another tutorial
http://aumha.net/viewforum.php?f=30
http://castlecops.com/forum67.html
http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
forum
http://www.wilderssecurity.com/
http://forums.tomcoyote.org/
As Tom said, we ask that you not post HJT logs here in the MS newsgroups
because you won't get the time and expert attention you need here.
Good luck,
Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
|
|
Posted by Unobtrusive on June 29, 2006, 2:36 am
If you were Registered and logged in, you could reply and use other advanced thread options
books...
Notice you have it loaded multiple times?
> Leslie4245 wrote:
>
> > I'm very sorry...I didn't realize I put this in the wrong place.
> > Could someone direct me to the proper location for this?
>
> Sure, here are some links to specialty forums where you can post your
> HijackThis log (listed in no particular order):
>
> http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
> http://www.bleepingcomputer.com/forums/index.php?showtutorial=42 -
> another tutorial
> http://aumha.net/viewforum.php?f=30
> http://castlecops.com/forum67.html
> http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
> forum
> http://www.wilderssecurity.com/
> http://forums.tomcoyote.org/
>
> As Tom said, we ask that you not post HJT logs here in the MS newsgroups
> because you won't get the time and expert attention you need here.
>
> Good luck,
>
> Malke
> --
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
> MS-MVP Windows - Shell/User
|
| Similar Threads | Posted | | The Difference Between Adware, Spyware and Anti-virus.(spyware blockers) | April 4, 2008, 5:53 am |
| http://www.spyware-solutions.info a website about spyware solutions | November 11, 2006, 8:07 pm |
| Spyware I think | November 16, 2005, 5:50 pm |
| spyware | March 11, 2006, 12:39 am |
| Re: spyware | August 15, 2007, 4:39 am |
| spyware | June 7, 2008, 8:20 am |
| Spyware/malware | July 20, 2005, 6:09 am |
| spyware infected | July 24, 2005, 9:23 pm |
| spyware recovery | July 26, 2005, 12:58 am |
| spyware problem | December 10, 2005, 11:39 pm |
|
XML site map