Westeh
Log Check
      Fri Apr 25 2008 06:29 PM

Hey

Log check for my brother's PC as it's been running very slow, and the activity light is always on etc.
Had problems with internet connection but that "seems" to be resolved now.
Any help would be great, cheers

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:55, on 25/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Grisoft\AVG7\avginet.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1182418658\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\RunOnce: [AOLRebootNeeded] regsvr32.exe /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJxdm025YYGB
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/ZwinkyInitialSetup1.0.1.0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9458 bytes

© Copyright IPC Media Limited, All rights reserved