| Thread ID: 129222 | 2013-02-11 00:31:00 | misbehaving PC HijackThis log.. HELP please.. Win 7 | hammer (1735) |
| Post ID | Timestamp | Content | User | ||
| 1327423 | 2013-02-11 00:31:00 | Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:16:32 p.m., on 11/02/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17153)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\2degrees Mobile Broadband\2degrees Mobile Broadband.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskmgr.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{31C5E8B8-CB20-4F13-A875-78E98A1A314D}: NameServer = 118.148.1.10 118.148.1.20
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: 2degrees Mobile Broadband. OUC (2degrees Mobile Broadband. RunOuc) - Unknown owner - C:\Program Files\2degrees Mobile Broadband\UpdateDog\ouc.exe
O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (file missing)
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe

-- End of file - 6587 bytes |
hammer (1735) | ||
| 1327424 | 2013-02-11 00:53:00 | What's it doing or not doing?? What version of Java is installed? 6. what? |
Speedy Gonzales (78) | ||
| 1327425 | 2013-02-11 00:58:00 | Yes, Java 6. Slow PC, and after running Malwarebytes the keyboard is going crazy.. It didn't seem to be so bad when I disconnected from the internet, which worries me. |
hammer (1735) | ||
| 1327426 | 2013-02-11 01:02:00 | HWDeviceService.exe could be a threat. See Here. (www.file.net) :) |
Trev (427) | ||
| 1327427 | 2013-02-11 01:04:00 | Yeah, I had looked that up but it seemed a bit ambiguous.. Reckon I should delete it? It was the only one that looked suss in Task Manager. |
hammer (1735) | ||
| 1327428 | 2013-02-11 01:09:00 | No, that didn't fix it??? | hammer (1735) | ||
| 1327429 | 2013-02-11 01:23:00 | If you have any suspect .exe files, just copy and paste them into Google and it will tell you if they are suspect or not, if you are not already doing it. :) |
Trev (427) | ||
| 1327430 | 2013-02-11 01:24:00 | What kind of laptop is it?? Intel or AMD?? If it's Intel, disable SpeedStep in the BIOS. | Speedy Gonzales (78) | ||
| 1327431 | 2013-02-11 02:49:00 | desktop AMD | hammer (1735) | ||
| 1327432 | 2013-02-11 02:56:00 | Well, I can't see anything in the log. Try defragging the HDD. If you mean slow on the net, it'll be because you're using a mobile connection. | Speedy Gonzales (78) | ||