Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Registered
Joined
·
5 Posts
Discussion Starter · #1 ·
As soon as I log onto the net, the error message svchost.exe has generated an error and then It is impossible to surf around the net. What is svchost.exe and can it be fixed?
 

·
Registered
Joined
·
9,396 Posts
It could be one of many things but you could be infected with a virus.

Do this:
go to http://www.tomcoyote.org/hjt/ , and download 'Hijack This!'.
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.

It will possibly show issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

;)
 

·
Registered
Joined
·
5 Posts
Discussion Starter · #3 ·
Logfile of HijackThis v1.97.2
Scan saved at 6:29:36 PM, on 10/3/2003
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\ati2plab.exe
C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe
C:\WINNT\CPQDIAG\CPQDFWAG.EXE
C:\PROGRA~1\Compaq\COMPAQ~4\CPQWEB~1\WebDmi.exe
C:\PROGRA~1\Compaq\COMPAQ~3\hibserv.exe
C:\PROGRA~1\NORTON~1\NORTON~3\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~3\npssvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\snmp.exe
C:\Program Files\Norton SystemWorks\Norton Speed Disk\nopdb.exe
C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\PROGRA~1\Compaq\COMPAQ~4\cpqdmi.exe
C:\WINNT\Explorer.exe
C:\PROGRA~1\NORTON~1\NORTON~3\alertsvc.exe
C:\WINNT\System32\Promon.exe
C:\WINNT\System32\ltmsg.exe
C:\WINNT\System32\Atiptaxx.exe
C:\Program Files\Compaq\HotKey Software\hkss.exe
C:\Program Files\Compaq\EasyAccessButtons\cpqek.exe
C:\PROGRA~1\Compaq\Security\Secure32.exe
C:\Program Files\Compaq\PowerCon Enhancements\CPQAcDc.Exe
C:\WINNT\System32\PRPCUI.exe
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\WINNT\loadqm.exe
C:\PROGRA~1\Compaq\COMPAQ~4\CHKADMIN.EXE
C:\WINNT\System32\qttask.exe
C:\Program Files\Screendragon VS3\Screendragon VS3 Taskbar.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\windows\mp3[1].exe
C:\Program Files\Norton SystemWorks\Norton Antivirus NT\POPROXY.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus NT\NAVAPW32.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
C:\WINNT\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\system32\drwtsn32.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bussolaweb.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.freenet.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [hkss] C:\Program Files\Compaq\HotKey Software\hkss.exe
O4 - HKLM\..\Run: [cpqek] C:\Program Files\Compaq\EasyAccessButtons\cpqek.exe
O4 - HKLM\..\Run: [Compaq Computer Security] C:\PROGRA~1\Compaq\Security\Secure32.exe
O4 - HKLM\..\Run: [CPQAcDc] C:\Program Files\Compaq\PowerCon Enhancements\CPQAcDc.Exe
O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\NORTON~1\NORTON~3\npscheck.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\NORTON~3\defalert.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~4\CHKADMIN.EXE
O4 - HKLM\..\Run: [QuickTime Task] C:\WINNT\System32\qttask.exe
O4 - HKLM\..\Run: [cursor] "C:\Program Files\Screendragon VS3\Screendragon VS3 Taskbar.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [zzz3101v] c:\windows\mp3[1].exe r
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton SystemWorks\Norton Antivirus NT\POPROXY.EXE
O4 - HKLM\..\Run: [QD FastAndSafe] C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Program Files\Norton SystemWorks\Norton Antivirus NT\NAVAPW32.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.freenet.de
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {430DDE24-C051-11CF-95BE-0020AFF75E4F} (ichat xchat Control) - http://chat1.virgin.net/chat/data/html/user/msie/msichat.ocx
O16 - DPF: {630F2610-7654-11D1-83E3-0080C71A8794} (Interconnect Resources) - https://www.ib.albb.co.uk/ebs/ie/gic.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD468FD8-4D64-4203-9263-1FAA455DD24F}: NameServer = 62.104.191.241 62.104.196.134

can anyone help - what do I do next?
 
1 - 3 of 3 Posts
Status
Not open for further replies.
Top