We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Hijack this can anyone help
Comments
-
google update is still there
SpecialSavingsSinged.dll???
What are the symptoms? what is the current and peak commit charge
how long does it take to boot
what is the download speed on a speedchecker
Do you have the windows disc, or does it have a factory restore partition?
does start, run
chkdsk c:
find anything wrong?!!
> . !!!! ----> .0 -
If you want to get rid of that last autotbar entry...
Open a Run command (Start > Run) The copy/paste the contents of the code box and click OKC:\Documents and Settings\Default User\Start Menu\Programs\Startup
Delete AutoTBar
Run Hijackthis & fix these entries (Check them & click "Fix Checked")
Close Hijackthis & REBOOTO4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
Run Hijackthis again and post a new log.0 -
google update is still there
SpecialSavingsSinged.dll???
What are the symptoms? what is the current and peak commit charge
how long does it take to boot
what is the download speed on a speedchecker
Do you have the windows disc, or does it have a factory restore partition?
does start, run
chkdsk c:
find anything wrong?
Cant find google update in windows/tasks
SpecialSavingsSinged.dll??? What do you mean
PC boots up ok, web pages take a long while to load and switching between sites can take a while (faster since i started this process)
Current commit 433560
peak 683460
download speed is 9.75 upload is 1.02
no windows disc, not sure about partition
will run chdsk0 -
If you want to get rid of that last autotbar entry...
Open a Run command (Start > Run) The copy/paste the contents of the code box and click OKC:\Documents and Settings\Default User\Start Menu\Programs\Startup
Delete AutoTBar
Run Hijackthis & fix these entries (Check them & click "Fix Checked")
Close Hijackthis & REBOOT
Run Hijackthis again and post a new log.
done that
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:16:57, on 04/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.moneysavingexpert.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5680 bytes0 -
O2 - BHO: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll
Somewhere between your 1st log and last you've managed to pick up a program that's installed a BHO (Browser Helper Object). These kinds of programs are questionable and will do nothing to improve your situation & may possibly prove detrimental to it.0 -
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
Click the links for inforamtion about whether it needs to autostart or not. If you decide you don't need them, they can be fixed with Hijackthis.
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
http://www.bleepingcomputer.com/startups/hpsysdrv-2046.html
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
http://www.bleepingcomputer.com/startups/HPHmon05-2023.html
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
http://www.bleepingcomputer.com/startups/KBD-2398.html
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
http://www.bleepingcomputer.com/startups/Sunkist2k-5261.html
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
http://www.bleepingcomputer.com/startups/AlcxMonitor-245.html
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
http://www.bleepingcomputer.com/startups/PS2-4249.html
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
http://www.bleepingcomputer.com/startups/avast5-25609.html
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
http://www.bleepingcomputer.com/startups/NvCplDaemon-3809.html
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
http://www.bleepingcomputer.com/startups/QuickTime_Task-4341.html
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
http://www.bleepingcomputer.com/startups/Acme.PCHButton-123.html0 -
Somewhere between your 1st log and last you've managed to pick up a program that's installed a BHO (Browser Helper Object). These kinds of programs are questionable and will do nothing to improve your situation & may possibly prove detrimental to it.
Thanks
deleted that
Ran chdsk and the window disappeared without me seeing the results, does this mean it didnt find anything0 -
Click the links for inforamtion about whether it needs to autostart or not. If you decide you don't need them, they can be fixed with Hijackthis.
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
http://www.bleepingcomputer.com/startups/hpsysdrv-2046.html
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
http://www.bleepingcomputer.com/startups/HPHmon05-2023.html
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
http://www.bleepingcomputer.com/startups/KBD-2398.html
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
http://www.bleepingcomputer.com/startups/Sunkist2k-5261.html
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
http://www.bleepingcomputer.com/startups/AlcxMonitor-245.html
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
http://www.bleepingcomputer.com/startups/PS2-4249.html
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
http://www.bleepingcomputer.com/startups/avast5-25609.html
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
http://www.bleepingcomputer.com/startups/NvCplDaemon-3809.html
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
http://www.bleepingcomputer.com/startups/QuickTime_Task-4341.html
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe
http://www.bleepingcomputer.com/startups/Acme.PCHButton-123.html
Been through the list and got rid of a few0 -
Ran chdsk and the window disappeared without me seeing the results, does this mean it didnt find anything
Start > run > copy/paste eventvwr.msc
Then click ok
Click application. Look under source for winlogon
It should start something like:
"Checking file system on C:
The type of the file system is..."
.0 -
start, run
cmd
chkdsk c: /F
reboot
check the manual to see how to reinstall windows from recovery partition, or how to create the windows disc. have you backed up?
youve installed something here C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards