New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!

· Ian T's (AR 24)
· Marcia's (CO8)
· Bill G's (CO12)
· Paul's (AR 5)
· Robin's (AR 2)

· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?

$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 1195
Comments: 21
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsFavForums 

Hijack This stops responding

 
Post new topic   Reply to topic       All -> FavForums -> Site Toolkit
View previous topic :: View next topic  
Author Message
taz71498

1st Responder
1st Responder
Premium Member
Premium Member


Joined: Jan 30, 2004
Posts: 1445
Location: USA

PostPosted: Mon Mar 29, 2004 11:12 am    Post subject: Hijack This stops responding
Reply with quote

I have been trying to run Hijack This on one of my computers. It starts the scan and then stops responding. Anyone have this problem? Any suggestions. I had run Hijack This on this computer before, so it worked at one time.
Back to top
View users profile Send private message
irelynnmisses

1st Responder
1st Responder



Joined: Jan 27, 2004
Posts: 1110
Location: USA

PostPosted: Wed Mar 31, 2004 11:18 am    Post subject:
Reply with quote

re-download hijackthis and see if that helps:

www.zerosrealm.com/downloads/hjt.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, load it in Notepad, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.
Back to top
View users profile Send private message Send email Visit posters website AIM Address Yahoo Messenger MSN Messenger
taz71498

1st Responder
1st Responder
Premium Member
Premium Member


Joined: Jan 30, 2004
Posts: 1445
Location: USA

PostPosted: Wed Mar 31, 2004 4:38 pm    Post subject:
Reply with quote

Hi irelynnmisses,

Well, thanks for trying to help. It must be my computer that I am using. I have tried everything. I have downloaded and redownloaded. I even tried it in safe mode. Ran online virus scan, nothing. This computer I am using is old. I want to use it for helping with Hijack this logs and download all the tools on here, but I think I might just reformat the hard drive and start with a clean computer. The computer is hanging for some reason. Maybe I need to grab one of my other old computers and try. I am not really good with hardware issues but maybe that could be the cause. Who knows.

_________________
Some days you're the dog, and some days you're the hydrant.
Back to top
View users profile Send private message
irelynnmisses

1st Responder
1st Responder



Joined: Jan 27, 2004
Posts: 1110
Location: USA

PostPosted: Wed Mar 31, 2004 8:14 pm    Post subject:
Reply with quote

Sorry to hear that,, maybe one of our super expert will come to your rescue Razz
I hope you fix it though so we can see ya here!

_________________
Forum Moderator at:
http://killspyware.go.dyndns.org/
Helper At:
http://www.spywareinfo.com/
1st Rwsponder At:
http://www.computercops.biz/
Back to top
View users profile Send private message Send email Visit posters website AIM Address Yahoo Messenger MSN Messenger
taz71498

1st Responder
1st Responder
Premium Member
Premium Member


Joined: Jan 30, 2004
Posts: 1445
Location: USA

PostPosted: Wed Mar 31, 2004 8:20 pm    Post subject:
Reply with quote

Thanks. I am here helping, I have 3 computers, I just wanted to dedicate one though for this. No biggy, I can just reformat it and see if I can get it going.
_________________
Some days you're the dog, and some days you're the hydrant.
Back to top
View users profile Send private message
irelynnmisses

1st Responder
1st Responder



Joined: Jan 27, 2004
Posts: 1110
Location: USA

PostPosted: Thu Apr 01, 2004 12:50 am    Post subject:
Reply with quote

hee hee... good luck Smile
_________________
Forum Moderator at:
http://killspyware.go.dyndns.org/
Helper At:
http://www.spywareinfo.com/
1st Rwsponder At:
http://www.computercops.biz/
Back to top
View users profile Send private message Send email Visit posters website AIM Address Yahoo Messenger MSN Messenger
SHERI

Trooper
Trooper



Joined: Apr 23, 2004
Posts: 10
Location: USA

PostPosted: Fri Apr 23, 2004 7:09 pm    Post subject: hijackthis log PLEASE HELP!!!
Reply with quote


Hi, Could one of the experts please view my hijackthis log and let me know why I am getting popups,my computer is running slow and I am having a hard time connection to internet. I have run cwshredder, ad-aware, spybot and spywareblaster. I have run a security check on the symantec website and it said at one time that I had trojan.byteverify but after I ran some of the programs I mentioned, it comes up clean now according to symantec but I am still getting the popups and other problems I mentioned. PLEASE PLEASE PLEASE HELP!!!! Thanks Sheri





Logfile of HijackThis v1.97.7
Scan saved at 2:40:01 AM, on 4/23/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Canon\MultiPASS4\monitr32.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\fxredir.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Canon\MultiPASS4\MPDBMgr.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\SHERI\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ebay.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://ebay.com/
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {f760cb9e-c60f-4a89-890e-fae8b849493e} - C:\WINDOWS\madise.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [monitr32] C:\Program Files\Canon\MultiPASS4\monitr32.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [fxredir] C:\WINDOWS\System32\fxredir.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~1\MAILWA~1.EXE
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/...1/chat.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/...acscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar...vSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.141/code/PWActiveXImgCtl.CAB
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/C...0167708333
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/Shar.../cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shoc...wflash.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EP...-0-3-0.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/se...loader.cab
O16 - DPF: {f760cb9e-c60f-4a89-890e-fae8b849493e} (IRDIXAObj Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{F716D0BC-CCA0-4140-B28C-EBE5A323C528}: NameServer = 208.24.218.3
Back to top
View users profile Send private message
taz71498

1st Responder
1st Responder
Premium Member
Premium Member


Joined: Jan 30, 2004
Posts: 1445
Location: USA

PostPosted: Fri Apr 23, 2004 7:18 pm    Post subject:
Reply with quote

Hey Sheri,

I know you didn't mean to use the caps. Smile

I will help you.

I may have given you the wrong link by mistake. I will quick check though.
Back to top
View users profile Send private message
taz71498

1st Responder
1st Responder
Premium Member
Premium Member


Joined: Jan 30, 2004
Posts: 1445
Location: USA

PostPosted: Fri Apr 23, 2004 7:25 pm    Post subject:
Reply with quote

Sheri,

Your Hijackthis is still running in a temporary folder. You need to move it to, how about, My Documents. Run the program from there. The reason for this is that Hijackthis cannot create backup files while it is being run from a temporary folder.

When you do get the log please post it here:
http://www.computercops.biz/forum67.html Just before the messages start there is a button that says NEW TOPIC. Click on that and post your log there.
Back to top
View users profile Send private message
SHERI

Trooper
Trooper



Joined: Apr 23, 2004
Posts: 10
Location: USA

PostPosted: Fri Apr 23, 2004 7:27 pm    Post subject: Hijackthis log
Reply with quote

Thanks. Any help will be greatly appreciated. I don't know that much about computers. Sheri
Back to top
View users profile Send private message
IcSilk

Cadet
Cadet



Joined: Apr 23, 2004
Posts: 1
Location: USA

PostPosted: Fri Apr 23, 2004 9:00 pm    Post subject: Registry
Reply with quote

I had the same problem when I first got HijackThis. The problem with mine was that my registry was a mess w/alot of corrupt files - turns out that somehow, in the HKEY_LOCAL_MACHINE folder a file generated that disabled programs like hijackthis and ad-aware etc. I don't have the name of it anymore but it was in the form of .dll. I simply used a registry scanning application that professed to be top line at registry maintenance and cleaning and had a freeware trial version. It was 'CleanMyPC - Registry Cleaner 2.16'. If you Google for it you'll have more options to choose from as to what to use. But it solved everything and I have had no trouble with HijackThis since.

Good luck - hope it all works out for you.
Back to top
View users profile Send private message Yahoo Messenger
irelynnmisses

1st Responder
1st Responder



Joined: Jan 27, 2004
Posts: 1110
Location: USA

PostPosted: Sun Apr 25, 2004 3:04 am    Post subject:
Reply with quote

She isn't ahving registry problems.. she is having several viruses and trojans problem. Please disregard the above advice and stick with what TAZ has told ya to do Smile
_________________
Forum Moderator at:
http://killspyware.go.dyndns.org/
Helper At:
http://www.spywareinfo.com/
1st Rwsponder At:
http://www.computercops.biz/
Back to top
View users profile Send private message Send email Visit posters website AIM Address Yahoo Messenger MSN Messenger
Display posts from previous:   
Post new topic   Reply to topic       All -> FavForums -> Site Toolkit All times are GMT - 5 Hours
Page 1 of 1

 
 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB 2.0.8a © 2001 phpBB Group

Version 2.0.6 of PHP-Nuke Port by Tom Nitzschner © 2002 www.toms-home.com
Version 2.2 by Paul Laudanski © 2003-2004 Computer Cops