| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 121262 | 2011-10-18 11:41:00 | Help please, laptop playing up, HJT log posted | Sick Puppy (6959) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1238281 | 2011-10-18 11:41:00 | HI everyone, my ASUS laptop is still creaking along - just kidding, it was working just fine until tonight, and for some reason it's started playing up. What's concerned me is that it is slow on banking sites, and a number of .com websites (facebook etc) cannot be accessed, in particular computer/download websites, like ccleaner, Avast, filehippo etc. A few forums too, but it's the computer ones that concern me. Seems to be the same on Firefox, Chrome and IE. I've made a HJT log, can y'all please have a look, and let me know if anything is wrong/dodgy? Thanks in advance for your help! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:35:37, on 19/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UStorSrv.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\ASUS\Wireless Console\wcourier.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nz.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = 192.168.1.101 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1 O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: www.wises.co.nz O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - support.asus.com O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.safety.live.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - download.zonelabs.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com O17 - HKLM\System\CCS\Services\Tcpip\..\{5C906B2F-2533-4211-821B-0641E3C12618}: NameServer = 203.96.152.4,203.96.152.12 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe -- End of file - 7919 bytes |
Sick Puppy (6959) | ||
| 1238282 | 2011-10-18 11:48:00 | HI everyone, my ASUS laptop is still creaking along - just kidding, it was working just fine until tonight, and for some reason it's started playing up. What's concerned me is that it is slow on banking sites, and a number of .com websites (facebook etc) cannot be accessed, in particular computer/download websites, like ccleaner, Avast, filehippo etc. A few forums too, but it's the computer ones that concern me. Seems to be the same on Firefox, Chrome and IE. I've made a HJT log, can y'all please have a look, and let me know if anything is wrong/dodgy? Thanks in advance for your help! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:35:37, on 19/10/2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.safety.live.com O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - www.update.microsoft.com O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - download.zonelabs.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe -- End of file - 7919 bytes These should be safe to delete. But DON'T delete them until user "Speedy Gonzales" comes along and checks the log, as he is the Pro at this type of thing. |
goodiesguy (15316) | ||
| 1238283 | 2011-10-24 05:55:00 | Bumpage - any help here would be appreciated. :) Thanks Goodiesguy - The Nokia stuff relates to my phone, does fixing them mean that the program wouldn't show up on start up, or would it prevent my phone from connecting to the PC? |
Sick Puppy (6959) | ||
| 1238284 | 2011-10-24 06:28:00 | you might want to be careful in regards to this: " C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe " I'm pretty sure that needs to be running or else you won't be able to sync your ipod/iphone. Check with speedy. |
icow (15313) | ||
| 1238285 | 2011-10-24 06:57:00 | yeah, i'd wait for speedy's input on this | GameJunkie (72) | ||
| 1238286 | 2011-10-24 07:25:00 | Speedy has not been around for a few days. | Snorkbox (15764) | ||
| 1238287 | 2011-10-24 07:58:00 | These should be safe to delete . But DON'T delete them until user "Speedy Gonzales" comes along and checks the log, as he is the Pro at this type of thing . Holy crap, :groan:dont go posting telling people to remove things if you have no idea what they are -- saying "should be Ok " is not an option, about the only thing that is right is wait for better advise . If you remove a lot of those entries you will cause all sorts of problems and you certainly wont gain any access to sites . The HJT log is not to bad, theres no infections or nasties showing . this can go -its a dead entry: O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) I'd be dumping Avast, its gone hopeless these days and is slowly becoming a system hog, missing to many infections as well as causing a lot of problems . ( had to remove 3 from peoples computers over the last two weeks, because it was corrupting the OS's and missing lots of infections) re the Internet -- If its only today , I wouldn't worry about it to much -- over the last week the overseas sites have been up and down faster than a Yo-Yo :D Just last week, Nod32 was blocking Piriform ( ccleaners home site) as being an attack site, as well as several other well trusted sites, I suspect something went ga-ga for some reason . Try checking, or resetting your host file, make sure nothing is being blocked . One way ( . microsoft . com/kb/972034" target="_blank">support . microsoft . com) or a slightly better option and check --- download Trojan Remover ( . simplysup . com/tremover/download . html" target="_blank">www . simplysup . com) Run it first to do a scan, then under Utilities, theres a few options as well as reset host file . Also , un-install Spyware guard - its about as good as windows defender -- in other words more trouble than its worth;) |
wainuitech (129) | ||
| 1238288 | 2011-10-24 09:15:00 | I moved so the BB was disconnected (from 16/10 till tonight 24/10) / xferred / moved to my new address. I'm now in the middle of Otahuhu and Manukau. Which is why I havent been online I would get rid of Spyware Guard O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - Is windows up to date? |
Speedy Gonzales (78) | ||
| 1238289 | 2011-10-24 11:26:00 | Thanks guys - will go through all these tomorrow evening and get it sorted! Windows - no, not even close to being up to date I think - if I cannot remember when I did it, I consider it out of date, and it's been quite a while! Spyware Guard - will get rid of, but what changed, I thought this was recommended? But then I think that was when I bought this laptop! lol Any recommendations re: replacements for Avast!? Anything but AVG, I've always found it to be a dog... but then it could be it's master! :D Internet access seems to have sorted itself, I cleared FF's history, which I don't usually do with CCleaner, and it seemed to help. Being unable ot access Piriform was one of the issues I had, and between that and my wife having access issues, I was wondering if something was wrong with Us, the router, or just the net... Speedy & Wainui, thank you! |
Sick Puppy (6959) | ||
| 1238290 | 2011-10-26 06:20:00 | Microsoft security essentials or a decent paid AV ie ESET NOD32 or kaspersky. | icow (15313) | ||
| 1 | |||||