Hello,
My friend has a HP desktop running WinXPsp2 Home. A few days ago he lost his internet connection and the PC is running very slow.
I ran CrapCleaner.
I was not able to use Trend Micros Online scanner as the instructions in your sticky say, because we cannot get to the internet, but I did run AVG and also Spybot.
Both found nothing at all.
I followed the instructions in the sticky and removed websearch toolbar.
I also pasted the HJT log in hijackthis.de and it gives me 2 unknown applications.
all the rest have the green check or a white shield.
When I turn the computer on a popup shows up about connecting to the "steam network". He says this is to do with online games.
The website is http://www.steampowered.com.
His internet is AT&T DSL.
Thanks in advance
HJT log:Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 8:29:22 AM, on 10/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1YAHOO!YOPyop.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesBroadJumpClient FoundationCFD.exe
C:PROGRA~1GrisoftAVG7avgcc.exe
C:Program FilesYahoo!AntivirusCAVRID.exe
C:Program FilesYahoo!AntivirusCAVTray.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSpyware Doctorswdoctor.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesAIM6aim6.exe
C:Program FilesAIM6aolsoftware.exe
C:PROGRA~1YAHOO!browserycommon.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:PROGRA~1GrisoftAVG7avgamsvr.exe
C:PROGRA~1GrisoftAVG7avgupsvc.exe
C:PROGRA~1GrisoftAVG7avgemc.exe
C:Program FilesYahoo!AntivirusISafe.exe
C:Program FilesSpyware Doctorsdhelp.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesYahoo!AntivirusVetMsg.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32alg.exe
C:Documents and SettingsOwnerDesktoptestHiJackThis_v2.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O2 - BHO: (no name) - ?27C09-B521-4EDB-8509-7D2660C9EC98} - (no file)
O2 - BHO: (no name) - ?A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O3 - Toolbar: Yahoo! Toolbar BETA - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn0yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O4 - HKLM..Run: YOP C:PROGRA~1YAHOO!YOPyop.exe /autostart
O4 - HKLM..Run: Windows Defender "C:Program FilesWindows DefenderMSASCui.exe" -hide
O4 - HKLM..Run: iTunesHelper "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: BJCFD C:Program FilesBroadJumpClient FoundationCFD.exe
O4 - HKLM..Run: AVG7_CC C:PROGRA~1GrisoftAVG7avgcc.exe /STARTUP
O4 - HKLM..Run: ViewpointPhotosDeviceConnect C:Program FilesCommon FilesViewpointToolbar Runtime3.7.0FotomatDeviceConnect.exe
O4 - HKLM..Run: ViewMgr C:Program FilesViewpointViewpoint ManagerViewMgr.exe
O4 - HKLM..Run: QuickTime Task "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: DeadAIM rundll32.exe "C:PROGRA~1AIMDeadAIM.ocm",ExportedCheckODLs
O4 - HKLM..Run: CAVRID "C:Program FilesYahoo!AntivirusCAVRID.exe"
O4 - HKLM..Run: CaAvTray "C:Program FilesYahoo!AntivirusCAVTray.exe"
O4 - HKCU..Run: ctfmon.exe C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: Spyware Doctor "C:Program FilesSpyware Doctorswdoctor.exe" /Q
O4 - HKCU..Run: Steam C:Program FilesValveSteamSteam.exe -silent
O4 - HKCU..Run: MSMSGS "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: Aim6 "C:Program FilesAIM6aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUSS-1-5-19..Run: AVG7_Run C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: AVG7_Run C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User NETWORK SERVICE)
O4 - HKUSS-1-5-18..Run: Spyware Doctor "C:Program FilesSpyware Doctorswdoctor.exe" /Q (User SYSTEM)
O4 - HKUS.DEFAULT..Run: Spyware Doctor "C:Program FilesSpyware Doctorswdoctor.exe" /Q (User Default user)
O4 - Startup: America Online 6.0 Tray Icon.lnk = C:America Online 6.0aoltray.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 5.0resourcesen-USlocalsearch.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 5.0aoltb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra Tools menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145244164052
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/ampx/ampx2.6.1.11_en_dl.cab
O20 - Winlogon Notify: !SASWinLogon - C:Program FilesSUPERAntiSpywareSASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSsystem32browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSsystem32browseui.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgemc.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:Program FilesYahoo!AntivirusISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:WINDOWSsystem32PackethSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:Program FilesSpyware Doctorsdhelp.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSSScsiSV.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:Program FilesYahoo!AntivirusVetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:WINDOWSSYSTEM32YPCSER~1.EXE
--
End of file - 8965 bytes
Topic Replies: 1
Read More...
[Source: Ozzu - Posted by FreeAutoBlogger]
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment