My computer is infected so I ran a HiJack this scan. Can someone help me decipher the summary?
Here's the report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:30:36 AM, on 5/25/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\system32\Ati2evxx.exe D:\Program Files\Alwil Software\Avast5\AvastSvc.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\WgaTray.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\Analog Devices\SoundMAX\Smax4.exe D:\Program Files\Analog Devices\Core\smax4pnp.exe D:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe D:\WINDOWS\system32\Pen_Tablet.exe D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE D:\Program Files\PowerISO\PWRISOVM.EXE D:\WINDOWS\system32\WTablet\Pen_TabletUser.exe D:\WINDOWS\system32\Pen_Tablet.exe D:\Documents and Settings\Curt\Local Settings\Application Data\vmc.exe D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe D:\Program Files\Logitech\Gaming Software\LWEMon.exe D:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe D:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe D:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Alwil Software\Avast5\avastUI.exe D:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z030&form=ZGAPHP R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - D:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\prxConduitEngine.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - D:\Program Files\Search Toolbar\SearchToolbar.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - D:\Program Files\Vuze_Remote\prxtbVuze.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - D:\Program Files\Search Toolbar\SearchToolbar.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - D:\Program Files\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\prxConduitEngine.dll O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [JMB36X Configure] D:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ANIWZCS2Service] D:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Start WingMan Profiler] D:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [DiscWizardMonitor.exe] D:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] D:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe O4 - HKLM\..\Run: [Seagate Scheduler2 Service] "D:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [avast5] "D:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [TranscodingService] "D:\Program Files\TiVo\Desktop\TranscodingService.exe" /auto O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Append Link Target to Existing PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - D:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - D:\WINDOWS\system32\Pen_Tablet.exe -- End of file - 7128 bytes
May 25th, 2011 2:27pm

I'm not sure if it helps, but I have Windows XP.
Free Windows Admin Tool Kit Click here and download it now
May 25th, 2011 2:28pm

I would suggest using MalwareBytes: http://majorgeeks.com/download.php?det=5756 If you aren't sure what you are deleting with Hijack This you can cause some serious damage to your computer. Are you getting any pops to clean your computer? Try to get the name of the process and kill it so you are able to install Malware Bytes.
May 25th, 2011 3:13pm

http://hijackthis.de will give an automated analysis. HJT is not good enough at detecting or removing modern malware, you really need to visit a specialist Malware removal forum for help. I use Majorgeeks forums.
Free Windows Admin Tool Kit Click here and download it now
May 25th, 2011 3:15pm

Hi, Here is Windows 7 forum. Since you are running Windows XP, it is recommended contacting Windows XP forum. http://social.technet.microsoft.com/Forums/en/itproxpsp/threads Since HijackThis is a third party software, you need to contact Trend Micro expert to analyze. From Microsoft stand point, I suggest using Safety Scanner and Microsoft Security software as well as contacting PCSafety phone support. For support within the United States and Canada, call toll-free (866) PCSAFETY (727-2338). Best Regards, Niki Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
May 27th, 2011 7:28pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics