| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 91671 | 2008-07-15 02:32:00 | PLEASE CHECK HJT SCAN | brig (1359) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 688978 | 2008-07-15 02:32:00 | This is a cheap Japanese language Vista laptop purchased in Japan. It has 1GB RAM and my friend complains that it's been very slow since she got it. I advised her to upgrade the Ram but she's broke right now so I'm doing a routine cleanup/virus etc., scans in the off chance that something else is slowing things down. Could Speedy or someone else have a quick look through the HijackThis scan for me Many thanks, again:thanks brig Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:59:30, on 2008/07/15 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running processes: C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT .EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\NECMFK\necmfk.exe C:\Program Files\JWord\Plugin2\jwdsrch.exe C:\Program Files\NPSpeed\NPSpeed.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\DispSw\DispSw.exe C:\Program Files\NECBatt\nbSched.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\JustSystems\KazaNavi\kazanavi.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\GTAgent\AuAgent.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\wuauclt.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Windows\system32\Taskmgr.exe C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPCMNT .EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R3 - URLSearchHook: MyUrlSearchHook Class - {2ACECADE-0BC7-4C6F-95CF-A221CC161B52} - C:\PROGRA~1\JWord\Plugin2\jwdsrch.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ‚©‚ñ‚½‚ñ“o˜^2 - {0DD41AE7-6196-42E7-BDE5-4F393997449E} - C:\PROGRA~1\JUSTSY~1\SIMPLE~1\AtInBnd.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - C:\Program Files\E-Book Systems\FlipViewer\fplaunch.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: PhishWall - {8CA7E745-EF75-4E7B-BB86-8065C0CE29CA} - C:\Program Files\SecureBrain\PhishWall\sbpw32.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: FeliCaƒuƒ‰ƒEƒUƒGƒNƒXƒeƒ“ƒVƒ‡ƒ“ - {EC5D2125-D8AB-4a18-A599-D97D2731DE19} - C:\Program Files\Sony\FeliCaBrowserExtension\fbe.dll O2 - BHO: &BIGLOBEƒc[ƒ‹ƒo[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll O3 - Toolbar: &BIGLOBEƒc[ƒ‹ƒo[ - {F998C683-89D8-47FA-8C55-3E2CA27D7581} - C:\Program Files\BIGLOBE\ToolBar\biglobe.dll O3 - Toolbar: PhishWall - {BB62FFF4-41CB-4AFC-BB8C-2A4D4B42BBDC} - C:\Program Files\SecureBrain\PhishWall\sbpw32.dll O3 - Toolbar: ‚©‚ñ‚½‚ñ“o˜^2 ƒc[ƒ‹ƒo[ - {833CFE4E-05BD-43A3-97A7-A4E80D742F0F} - C:\PROGRA~1\JUSTSY~1\SIMPLE~1\AtInBnd.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SoftNavi] "C:\Program Files\Softnavi\ImgLnch.exe" /RESIDENT O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [NECMFK] C:\Program Files\necmfk\necmfk.exe O4 - HKLM\..\Run: [jwdsrch] C:\Program Files\JWord\Plugin2\jwdsrch.exe O4 - HKLM\..\Run: [NPSpeed] C:\Program Files\NPSpeed\NPSpeed.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [DispSw] C:\Program Files\DispSw\DispSw.exe O4 - HKLM\..\Run: [NECBatt] C:\Program Files\NECBatt\nbSched.exe O4 - HKLM\..\Run: [IME JPN 2007 Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMEJP\IMJPKLMG .EXE /Preload O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [KazaNavi] C:\Program Files\JustSystems\KazaNavi\kazanavi.exe /tasktray O4 - HKLM\..\Run: [SmartPhoto] C:\Program Files\SmartPhoto\SmartPhotoStartup.exe O4 - HKLM\..\Run: [FlipViewer Library] "C:\Program Files\E-Book Systems\FlipViewer\FlipViewerLibrary.exe" /showmode=hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [121Poplink] "C:\Program Files\GTAgent\AUAgent.exe" /startup O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: Microsoft Excel ‚ɃGƒNƒXƒ|[ƒg(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra 'Tools' menuitem: Sun ‚Ì Java ƒRƒ“ƒ\[ƒ‹ - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll O9 - Extra button: JWord ƒvƒ‰ƒOƒCƒ“ - {34D67ED2-C837-4627-838C-2264E347D291} - www.jword.jp (file missing) O9 - Extra 'Tools' menuitem: JWord ƒvƒ‰ƒOƒCƒ“‚ɂ‚¢‚Ä - {34D67ED2-C837-4627-838C-2264E347D291} - www.jword.jp (file missing) O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [JWDSearch] JWord ƒvƒ‰ƒOƒCƒ“ O13 - Gopher Prefix: O15 - ESC Trusted Zone: http://*.update.microsoft.com O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Total Restore\SaibSVC.exe O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: B's Recorder GOLD Library Service (bgsvclib) - B.H.A Corporation - C:\Program Files\JustSystems\OpenMG BeatJam\Plugin\bgsvclib.exe O23 - Service: DiXiM Media Server - DigiOn - C:\Program Files\DigiOn\DiXiM Media Server\dmsf.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HidService - DigiOn, Inc. - C:\Program Files\DigiOn\DiXiM Media Client for Media Center\hidservice.exe O23 - Service: NEC HomeNetSupporter Ad hoc Service (hnsadhoc) - NEC Corporation - C:\Program Files\HomeNetSupporter\hnsadhoc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LVCOMSer - Logicool Co., Ltd. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logicool Co., Ltd. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logicool Co., Ltd. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NT Meter - NEC Corporation, NEC Personal Products, Ltd. - C:\Windows\system32\NTMETER.EXE O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: TXVDrv Service (TxVDrvSvc) - Texim Corporation. - C:\Program Files\JustSystems\PersonalShelter\TxVDrvSvc.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10015 bytes |
brig (1359) | ||
| 688979 | 2008-07-15 02:46:00 | Tick these then tick fix checked Close browsers O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" Uninstall all versions of Java, this is out of date. Link is in my sig O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O9 - Extra button: JWord ƒvƒ‰ƒOƒCƒ“ - {34D67ED2-C837-4627-838C-2264E347D291} - www.jword.jp (file missing) O9 - Extra 'Tools' menuitem: JWord ƒvƒ‰ƒOƒCƒ“‚ɂ‚¢‚Ä - {34D67ED2-C837-4627-838C-2264E347D291} - www.jword.jp (file missing) O13 - Gopher Prefix: |
Speedy Gonzales (78) | ||
| 688980 | 2008-07-15 07:46:00 | Thanks Speedy, I'll make those changes tomorrow | brig (1359) | ||
| 1 | |||||