| Thread ID: 99547 | 2009-05-06 04:59:00 | Another HijackThis | Driftwood (5551) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 771420 | 2009-05-06 04:59:00 | Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:19 p.m., on 6/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Bert\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ avast! ] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - dl8-cdn-09.sun.com
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - wwwimages.adobe.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
-- End of file - 4201 bytes |
Driftwood (5551) | ||
| 771421 | 2009-05-06 05:21:00 | What is the issue you're having? Spyware Terminator is the only sus thing I can see with a quick glance. | inphinity (7274) | ||
| 771422 | 2009-05-06 05:27:00 | This doesn't have to be in startup: O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O13 - Gopher Prefix: Uninstall ALL previous versions of Java, and leave the latest installed. |
Speedy Gonzales (78) | ||
| 771423 | 2009-05-06 06:29:00 | Thanks for that. Issues, freezing occasionally when online. Also slower than normal to load some pages. This has been noticed since the latest IE8 update. |
Driftwood (5551) | ||
| 771424 | 2009-05-06 06:36:00 | I would uninstall Adobe Reader, it's full of holes. Install something smaller, like Foxit. | Speedy Gonzales (78) | ||
| 771425 | 2009-05-06 07:35:00 | Thanks for that. Issues, freezing occasionally when online. Also slower than normal to load some pages. This has been noticed since the latest IE8 update. IE8 uses a new web standard, so some sites may load slower and even not load at all! Give Firefox a whirl and see if it fixes the problem. [Also, IE8 is supposed to be the fastest browser currently] Blam |
Blam (54) | ||
| 771426 | 2009-05-06 07:43:00 | What is the issue you're having? Spyware Terminator is the only sus thing I can see with a quick glance. Nothing wrong with Spyware Terminator - it's a VERY good antispyware program that finds more infections than Malwarebytes and Spybot put together. | wainuitech (129) | ||
| 771427 | 2009-05-06 07:46:00 | Nothing wrong with Spyware Terminator - it's a VERY good antispyware program that finds more infections than Malwarebytes and Spybot put together. Interesting, I've tried it on two PCs and on both occasions they failed to boot correctly after installing it :X Might have just been coincidental, maybe I will give it another shot. |
inphinity (7274) | ||
| 771428 | 2009-05-06 07:48:00 | Thanks for that. Issues, freezing occasionally when online. Also slower than normal to load some pages. This has been noticed since the latest IE8 update. Run a full manual Windows Update - sounds a lot like several customers' PCs I have at the moment, and I see a lot of it: Windows updates, if they are downloading and you don't know it, can cause this problem. To check, since it's Vista: click the Start orb, type in "update", and from the results click Windows Update. At the top left, click "Check For Updates" and see what it locates. |
wainuitech (129) | ||
| 771429 | 2009-05-06 07:51:00 | Interesting, I've tried it on two PCs and on both occasions they failed to boot correctly after installing it :X Might have just been coincidental, maybe I will give it another shot. I and several other techs here use it every day with no problems. You don't install the Crawler toolbar, OR activate the inbuilt AV - for an AV you are much better off using Avast (free) or, if you want a paid better one, Nod32. Only time I have personally had problems with it is if the system is damaged or unstable to start with. |
wainuitech (129) | ||