January 19th, 2010, 02:11 AM
#1
Please check over my log file!
Hi there -
This is my log file. My system really doesn't have a "problem," as such, but it runs very, very, very slowly. I recently had a few days to myself so I decided to try to clean up as much of the junk as I could. Using AdAware and Spybot, I cleaned up a lot of nasty little spyware. After that, neither my virus software (Symantec) nor HouseCall nor BitDefender caught anything else. And my system is certainly...better. But it's still not terribly fast, and I'm worried something else unnecessary or unwanted is gumming up the works.
I appreciate your help. I'm sorry for the weird formatting - this is exactly as the logfile was generated. Thanks in advance!
__
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:00:04 AM, on 1/19/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00
(7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint
Protection\Smc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe
C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile
Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared
files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint
Protection\Rtvscan.exe
C:\Program
Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint
Protection\SmcGui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Acrobat
8.0\Acrobat\Acrotray.exe
C:\Program Files\Common Files\Symantec
Shared\ccApp.exe
C:\Program
Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common
Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
C:\Program
Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Common
Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common
Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Macrovision
Shared\FLEXnet
Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Sarah\Local
Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sarah\Local
Settings\Application
Data\Google\Chrome\Application\chrome.exe
C:\Program
Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Sarah\My
Documents\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://www.symantec.com/enterprise/security_re
sponse/index.jsp
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion
\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper
- {AE7CD045-E861-484f-8273-0445EE161910} -
C:\Program Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF -
{47833539-D0C5-4125-9FA8-0819E2EAAC93} -
C:\Program Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray]
C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0]
"C:\Program Files\Adobe\Acrobat
8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program
Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched]
"C:\Program
Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program
Files\Common
Files\InstallShield\UpdateService\isuspm.exe"
-startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program
Files\Common
Files\InstallShield\UpdateService\issch.exe"
-start
O4 - HKLM\..\Run: [dvd43] C:\Program
Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile
Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10
AA}] "C:\Program Files\Common
Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program
Files\Common
Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [Google Update]
"C:\Documents and Settings\Sarah\Local
Settings\Application
Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer]
C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater]
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EX
E -Update -1103470 -"Mozilla/5.0 (Windows; U;
Windows NT 5.1; en-US; rv:1.9.1.5)
Gecko/20091102 Firefox/3.5.5 (.NET CLR
3.5.30729)"
-"http://www.shockwave.com/gamelanding/lostroc
kband.jsp?extcmp=2_lostrockband_df_OL_online_h
ome"
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run:
[BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10
AA}] "C:\Program Files\Common
Files\Ahead\Lib\NMBgMonitor.exe" (User '?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run: [AdobeUpdater] C:\Program
Files\Common
Files\Adobe\Updater5\AdobeUpdater.exe (User
'?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run: [Aim6] (User '?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run: [Google Update] "C:\Documents and
Settings\Sarah\Local Settings\Application
Data\Google\Update\GoogleUpdate.exe" /c (User
'?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\Run: [SpybotSD TeaTimer] C:\Program
Files\Spybot - Search & Destroy\TeaTimer.exe
(User '?')
O4 -
HKUS\S-1-5-21-1757981266-879983540-1801674531-
1002\..\RunOnce: [Shockwave Updater]
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EX
E -Update -1103470 -"Mozilla/5.0 (Windows; U;
Windows NT 5.1; en-US; rv:1.9.1.5)
Gecko/20091102 Firefox/3.5.5 (.NET CLR
3.5.30729)"
-"http://www.shockwave.com/gamelanding/lostroc
kband.jsp?extcmp=2_lostrockband_df_OL_online_h
ome" (User '?')
O4 - Global Startup: Adobe Gamma
Loader.exe.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Device Detector 3.lnk =
C:\Program
Files\Olympus\DeviceDetector\DevDtct2.exe
O8 - Extra context menu item: Append to
existing PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.h
tml
O8 - Extra context menu item: Convert link
target to Adobe PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.
html
O8 - Extra context menu item: Convert link
target to existing PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.h
tml
O8 - Extra context menu item: Convert selected
links to Adobe PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureS
elLinks.html
O8 - Extra context menu item: Convert selected
links to existing PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSe
lLinks.html
O8 - Extra context menu item: Convert
selection to Adobe PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.
html
O8 - Extra context menu item: Convert
selection to existing PDF - res://C:\Program
Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.h
tml
O8 - Extra context menu item: Convert to Adobe
PDF - res://C:\Program Files\Adobe\Acrobat
8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.
html
O8 - Extra context menu item: E&xport to
Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/
3000
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console
- {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: HP Clipbook -
{58ECB495-38F0-49cb-A538-10282ABF65E7} -
C:\Program Files\HP\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select -
{700259D7-1666-479a-93B1-3250410481E8} -
C:\Program Files\HP\Smart Web
Printing\hpswp_extensions.dll
O9 - Extra button: Bonjour -
{7F9DB11C-E358-4ca6-A83D-ACC663939424} -
C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search &
Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF:
{6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://www.update.microsoft.com/windowsupdate/
v6/V5Controls/en/x86/client/wuweb_site.cab?122
1467046968
O16 - DPF:
{D27CDB6E-AE6D-11CF-96B8-444553540000}
(Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/shockwav
e/cabs/flash/swflash.cab
O18 - Protocol: skype4com -
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe
Systems - C:\Program Files\Common Files\Adobe
Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple
Inc. - C:\Program Files\Common
Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service
(aswUpdSv) - Unknown owner - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe (file
missing)
O23 - Service: avast! Antivirus - Unknown
owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown
owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown
owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager
(ccEvtMgr) - Symantec Corporation - C:\Program
Files\Common Files\Symantec
Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager
(ccSetMgr) - Symantec Corporation - C:\Program
Files\Common Files\Symantec
Shared\ccSvcHst.exe
O23 - Service: dlcx_device - -
C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: FLEXnet Licensing Service -
Macrovision Europe Ltd. - C:\Program
Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation -
C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service -
Lavasoft - C:\Program
Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LiveUpdate - Symantec
Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG -
C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG -
C:\Program Files\Common
Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo
Service(CRVS) (RichVideo) - Unknown owner -
C:\Program Files\CyberLink\Shared
files\RichVideo.exe
O23 - Service: Symantec Management Client
(SmcService) - Symantec Corporation -
C:\Program Files\Symantec\Symantec Endpoint
Protection\Smc.exe
O23 - Service: Symantec Network Access Control
(SNAC) - Symantec Corporation - C:\Program
Files\Symantec\Symantec Endpoint
Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection
(Symantec AntiVirus) - Symantec Corporation -
C:\Program Files\Symantec\Symantec Endpoint
Protection\Rtvscan.exe
O23 - Service: Viewpoint Manager Service -
Viewpoint Corporation - C:\Program
Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Window Washer Engine
(wwEngineSvc) - Webroot Software, Inc. -
C:\Program Files\Webroot\Washer\WasherSvc.exe
--
End of file - 13480 bytes