highjack list
silver surfer - 15 March 2008 - 1:04pm
<p>can some one view this highjack log please,as pc is running very slow<br />
Logfile of Trend Micro HijackThis v2.0.0 (BETA)<br />
Scan saved at 125854, on 15/03/2008<br />
Platform Windows XP SP2 (WinNT 5.01.2600)<br />
Boot mode Normal</p>
<p>Running processes<br />
C\WINDOWS\System32\smss.exe<br />
C\WINDOWS\system32\csrss.exe<br />
C\WINDOWS\SYSTEM32\winlogon.exe<br />
C\WINDOWS\system32\services.exe<br />
C\WINDOWS\system32\lsass.exe<br />
C\WINDOWS\system32\Ati2evxx.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\System32\svchost.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\system32\spoolsv.exe<br />
C\PROGRA~1\AVG\AVG8\avgwdsvc.exe<br />
C\Program Files\iolo\common\lib\ioloServiceManager.exe<br />
C\WINDOWS\system32\svchost.exe<br />
C\WINDOWS\Explorer.EXE<br />
C\WINDOWS\tsnp2std.exe<br />
C\WINDOWS\vsnp2std.exe<br />
C\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe<br />
C\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe<br />
C\PROGRA~1\AVG\AVG8\avgtray.exe<br />
C\Program Files\iolo\Personal Firewall\ioloFW.exe<br />
C\WINDOWS\system32\ctfmon.exe<br />
C\Program Files\Skype\Phone\Skype.exe<br />
C\PROGRA~1\AVG\AVG8\avgam.exe<br />
C\PROGRA~1\AVG\AVG8\avgemc.exe<br />
C\Program Files\Skype\Plugin Manager\skypePM.exe<br />
C\WINDOWS\System32\alg.exe<br />
C\Program Files\Windows Live\Messenger\usnsvc.exe<br />
C\Program Files\Mozilla Firefox\firefox.exe<br />
C\PROGRA~1\AVG\AVG8\avgrsx.exe<br />
C\Program Files\iolo\System Mechanic 7\SMTrayNotify.exe<br />
C\PROGRA~1\AVG\AVG8\avgnsx.exe<br />
E\start_here.exe<br />
E\DiscContents\Security Toolkit\HijackThis\Bin\HiJackThis\HiJackThis_v2.exe<br />
C\WINDOWS\system32\wbem\wmiprvse.exe</p>
<p>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http//www.yahoo.com/<br />
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http//uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http//uk.docs.yahoo.com/info/bt_side.html<br />
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = <br />
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = <br />
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http//windowsupdate.microsoft.com/<br />
R3 - URLSearchHook Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll<br />
O2 - BHO Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll<br />
O2 - BHO AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C\Program Files\AVG\AVG8\avgssie.dll<br />
O2 - BHO (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)<br />
O2 - BHO Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll<br />
O2 - BHO AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL<br />
O2 - BHO Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C\Program Files\Windows Live Toolbar\msntb.dll<br />
O3 - Toolbar Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C\Program Files\Windows Live Toolbar\msntb.dll<br />
O3 - Toolbar AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL<br />
O3 - Toolbar Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll<br />
O4 - HKLM\..\Run [EPSON Stylus DX4000 Series] C\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C\WINDOWS\TEMP\E_S85.tmp" /EF "HKLM"<br />
O4 - HKLM\..\Run [tsnp2std] C\WINDOWS\tsnp2std.exe<br />
O4 - HKLM\..\Run [snp2std] C\WINDOWS\vsnp2std.exe<br />
O4 - HKLM\..\Run [SMSystemAnalyzer] "C\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe"<br />
O4 - HKLM\..\Run [EPSON Stylus Photo R200 Series] C\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"<br />
O4 - HKLM\..\Run [Microsoft Works Update Detection] C\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe<br />
O4 - HKLM\..\Run [LanzarP2006] "C\DOCUME~1\albert\LOCALS~1\Temp\{9206DE0F-FBD2-4796-995C-7DBBDB26FD38}\{EEBA9416-3207-47E0-9022-116440599DBC}\P2006tmp\Install.exe" /SETUP"/l0x0009"<br />
O4 - HKLM\..\Run [AVG8_TRAY] C\PROGRA~1\AVG\AVG8\avgtray.exe<br />
O4 - HKLM\..\Run [iolo Personal Firewall] "C\Program Files\iolo\Personal Firewall\ioloFW.exe"<br />
O4 - HKCU\..\Run [CTFMON.EXE] C\WINDOWS\system32\ctfmon.exe<br />
O4 - HKCU\..\Run [Skype] "C\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized<br />
O4 - HKCU\..\Run [msnmsgr] "C\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background<br />
O4 - HKUS\S-1-5-19\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')<br />
O4 - HKUS\S-1-5-20\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')<br />
O4 - HKUS\S-1-5-18\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')<br />
O4 - HKUS\.DEFAULT\..\Run [CTFMON.EXE] C\WINDOWS\system32\CTFMON.EXE (User 'Default user')<br />
O8 - Extra context menu item &Search - ?p=ZCxdm451YYES<br />
O8 - Extra context menu item &Windows Live Search - res//C\Program Files\Windows Live Toolbar\msntb.dll/search.htm<br />
O8 - Extra context menu item Add to Windows &Live Favorites - http//favorites.live.com/quickadd.aspx<br />
O8 - Extra context menu item E&xport to Microsoft Excel - res//C\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000<br />
O8 - Extra context menu item Open in new background tab - res//C\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?923dc63cc0414e5192b192883313b3a3<br />
O8 - Extra context menu item Open in new foreground tab - res//C\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?923dc63cc0414e5192b192883313b3a3<br />
O9 - Extra button Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C\Program Files\Microsoft ActiveSync\inetrepl.dll<br />
O9 - Extra button (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C\Program Files\Microsoft ActiveSync\inetrepl.dll<br />
O9 - Extra 'Tools' menuitem Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C\Program Files\Microsoft ActiveSync\inetrepl.dll<br />
O9 - Extra button Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL<br />
O9 - Extra button Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C\Program Files\Messenger\msmsgs.exe<br />
O9 - Extra 'Tools' menuitem Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C\Program Files\Messenger\msmsgs.exe<br />
O10 - Unknown file in Winsock LSP c\program files\iolo\common\firewall\ifw_xfilter.dll<br />
O10 - Unknown file in Winsock LSP c\program files\iolo\common\firewall\ifw_xfilter.dll<br />
O10 - Unknown file in Winsock LSP c\program files\iolo\common\firewall\ifw_xfilter.dll<br />
O10 - Unknown file in Winsock LSP c\program files\iolo\common\firewall\ifw_xfilter.dll<br />
O10 - Unknown file in Winsock LSP c\program files\iolo\common\firewall\ifw_xfilter.dll<br />
O16 - DPF {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C\Program Files\Yahoo!\Common\yinsthelper.dll<br />
O16 - DPF {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http//cdn.scan.onecare.live.com/resource/download/scanner/wlscbase2474.cab<br />
O16 - DPF {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http//www.crucial.com/controls/cpcScanner.cab<br />
O18 - Protocol linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C\Program Files\AVG\AVG8\avgpp.dll<br />
O18 - Protocol skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL<br />
O20 - AppInit_DLLs avgrsstx.dll<br />
O22 - SharedTaskScheduler Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C\WINDOWS\system32\browseui.dll<br />
O22 - SharedTaskScheduler Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C\WINDOWS\system32\browseui.dll<br />
O23 - Service Ati HotKey Poller - Unknown owner - C\WINDOWS\system32\Ati2evxx.exe<br />
O23 - Service AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C\PROGRA~1\AVG\AVG8\avgemc.exe<br />
O23 - Service AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C\PROGRA~1\AVG\AVG8\avgwdsvc.exe<br />
O23 - Service iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C\Program Files\iolo\common\lib\ioloServiceManager.exe<br />
O23 - Service iolo System Service (ioloSystemService) - Unknown owner - C\Program Files\iolo\common\lib\ioloServiceManager.exe</p>
<p>--<br />
End of file - 8334 bytes</p>
Log in to PCAnswers
How to...
Install a Processor (CPU - Intel or AMD)
Scott Ewart - 11 December 2008 - 11:09am
Learn how to fit a new CPU and attach a fan with both the Intel LGA775 and AMD AM2+ socket types. ... read more »
Latest PC news from TechRadar
- Average UK broadband speed is just 3.6Mbps
- 5 reasons widgets may be the next big TV trend
- Exclusive: Virgin & ITV: Internet details not yet finalised
- Ballmer's CES keynote - all the details
- Virgin Media seals on-demand deal with ITV
- AMD rolls out much improved Phenom II CPU
- In Depth: Is 45nm silicon enough to save AMD?
- Windows 7 Beta available worldwide Friday
Copyright 2006 - 2008 Future Publishing Limited(company registered number 2008885), a company registered in England and Wales
whose registered office is at Beauford Court, 30 Monmouth Street, Bath, BA1 2BW, UK