This is my HJT Log file, Can Someone Please Guide Me On What Programs To Remove.

Discussion in 'Windows - Virus and spyware problems' started by vinuvinzy, Jan 7, 2008.

  1. vinuvinzy

    vinuvinzy Member

    Joined:
    Dec 17, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:59:13 PM, on 1/7/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\hjt\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoomail.com/
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: My_AutoWarkey_Script.lnk = C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EA5EDEC7-48FF-4DBF-B167-CE8DB60BDCAE}: NameServer = 192.168.1.1,218.248.255.161
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

    --
    End of file - 2622 bytes


    My system is a little slow, and when I check in task manager, what are the programs running, I see ctfmon.exe running in the name of administrator. Is this ok or is my system infected by some virus, and also my antivirus update is upto date. And working fine. Please help me as I dont want to mess with the HJT software by myself.
    Thanking You.
     
  2. QuikDraw

    QuikDraw Regular member

    Joined:
    Sep 29, 2007
    Messages:
    808
    Likes Received:
    0
    Trophy Points:
    26
    Log is clean!
     
  3. vinuvinzy

    vinuvinzy Member

    Joined:
    Dec 17, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    but why is my system a little slow and why does this ctfmon.exe runs in task manager in the name of administrator....?. I dont see this in my friend's computer or in any other cafe systems. pls help me...
    Thank you. :)
     
  4. QuikDraw

    QuikDraw Regular member

    Joined:
    Sep 29, 2007
    Messages:
    808
    Likes Received:
    0
    Trophy Points:
    26
    When you run a Microsoft Office XP program, the file Ctfmon.exe (Ctfmon) runs in the background, even after you quit all Office programs.

    Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies.

    Note: The ctfmon.exe file is located in the folder C:\Windows\System32. In other cases, ctfmon.exe is a virus, spyware, trojan or worm!

    PC running slower than normal. I can help you with that. Download CCleaner. http://filehippo.com/download_ccleaner/

    This is an easy to use registry cleaning tool. If you need help using it, let me know.

    After the registry cleaner is used. Get back to me for the next step.

     
  5. vinuvinzy

    vinuvinzy Member

    Joined:
    Dec 17, 2007
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    Thanks for the information about ctfmon.exe, i downloaded the ccleaner software and installed but I dont know what to do next pls help me, it has options as analyse and run cleaner, as I dont know what to analyse and clean pls help...
    Thanks
    :)
     
  6. QuikDraw

    QuikDraw Regular member

    Joined:
    Sep 29, 2007
    Messages:
    808
    Likes Received:
    0
    Trophy Points:
    26
    In the lower left corner of Crap Cleaner, you will see a small white hyperlink titled "Online Help" click on this and it will take you here. http://www.ccleaner.com/help Once there click on, "Quick tour"
    This is a very user friendly program, and safe to use.
    Any question?
     
    Last edited: Jan 9, 2008

Share This Page