Here's Another One[RESOLVED]

Lurch987 · November 21, 2008

Hey gang, I'm back with another one. I'm cleaning a friends computer and there's multiple users on this system. I cleaned as much as I can and 1 user's profile works great but another one's internet is slow.

It doesn't make sense to me so I did a HJT log.

Logfile of HijackThis v1.99.1

Scan saved at 7:16:32 PM, on 11/20/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\lexpps.exe

C:\Program Files\Microsoft Location Finder\LocationFinder.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe

C:\Program Files\Sympatico Starter Kit\bin\gbConMon.exe

C:\Program Files\Sympatico Starter Kit\bin\gbTask.exe

C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll (file missing)

O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\RunServices: [Gearbox Deferal Check] C:\Program Files\Sympatico Starter Kit\bin\gbdefer.exe

O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Antivirus] C:\Program Files\MS Antivirus\MSA.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-ca\msntb.dll/search.htm

O8 - Extra context menu item: &Search - ?p=ZKxdm098YYCA

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/v/8.1.7.44/applet/om...omaha-en_US.cab

O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/v/9.1.1.8/applet/aces/aces-en_US.cab

O16 - DPF: Addiction by pogo - http://game3.pogo.com/v/9.0.9.8/applet/add...ction-en_US.cab

O16 - DPF: Alibaba Slots - http://game3.pogo.com/v/9.1.1.20/applet/al...ibaba-en_US.cab

O16 - DPF: Bingo Luau by pogo - http://game1.pogo.com/v/8.1.0.30/applet/fr...bingo-en_US.cab

O16 - DPF: Blackjack by pogo - http://game3.pogo.com/v/9.0.9.8/applet/bla...kjack-en_US.cab

O16 - DPF: Blackjack Carnival by pogo - http://game1.pogo.com/v/8.1.1.1/applet/vbj...jack2-en_US.cab

O16 - DPF: Bowling by pogo - http://game1.pogo.com/v/8.1.2.14/applet/bo...wling-en_US.cab

O16 - DPF: Canasta by pogo - http://game1.pogo.com/v/8.1.7.44/applet/ca...nasta-en_US.cab

O16 - DPF: Dice City Roller by pogo - http://game3.pogo.com/v/9.0.9.8/applet/ytz/ytz-en_US.cab

O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/v/8.1.4.1/applet/che...dflag-en_US.cab

O16 - DPF: Dominoes v2 by pogo - http://game3.pogo.com/v/9.0.1.14/applet/do...mino2-en_US.cab

O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/v/8.1.1.1/applet/vid...deuce-en_US.cab

O16 - DPF: Euchre by pogo - http://game3.pogo.com/v/9.1.1.1/applet/euc...uchre-en_US.cab

O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/v/9.1.1.8/applet/fir...lass2-en_US.cab

O16 - DPF: Fortune Bingo by pogo - http://game3.pogo.com/v/9.1.1.1/applet/sup...bingo-en_US.cab

O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/v/8.1.1.1/applet/har...rvest-en_US.cab

O16 - DPF: Hearts by pogo - http://game3.pogo.com/v/8.1.7.44/applet/he...earts-en_US.cab

O16 - DPF: High Stakes Poker by pogo - http://game3.pogo.com/v/8.1.6.3/applet/dra...poker-en_US.cab

O16 - DPF: Hog Heaven Slots by pogo - http://game3.pogo.com/v/9.1.4.5/applet/fancy/fancy-en_US.cab

O16 - DPF: Jokers Wild Poker by pogo - http://game3.pogo.com/v/9.1.3.19/applet/vi...swild-en_US.cab

O16 - DPF: Jungle Gin by pogo - http://game3.pogo.com/v/9.1.1.1/applet/gin2/gin2-en_US.cab

O16 - DPF: Lost Temple Poker by pogo - http://game3.pogo.com/v/9.1.4.5/applet/mhp...poker-en_US.cab

O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-8.0.8.30/lott...ottso-en_US.cab

O16 - DPF: Mah Jong Garden by pogo - http://game3.pogo.com/v/9.1.4.5/applet/mah...jong2-en_US.cab

O16 - DPF: Makeover Madness by pogo - http://game1.pogo.com/v/8.1.7.44/applet/sh...shoes-en_US.cab

O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/v/8.1.1.1/applet/pai...aigow-en_US.cab

O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/v/8.1.1.1/applet/wat...wheel-en_US.cab

O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-8.0.9.41/flin...inger-en_US.cab

O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-8.0.8.30/popfu/popfu-en_US.cab

O16 - DPF: Poppit by pogo - http://game3.pogo.com/v/9.1.3.19/applet/po...ppit2-en_US.cab

O16 - DPF: Quick Quack by pogo - http://game3.pogo.com/v/9.1.1.8/applet/hot...treak-en_US.cab

O16 - DPF: Shuffle Bump by pogo - http://game1.pogo.com/applet-8.0.8.30/puck/puck-en_US.cab

O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-8.0.8.30/spid...pider-en_US.cab

O16 - DPF: Squelchies by pogo - http://game3.pogo.com/v/9.1.1.1/applet/squ...chies-en_US.cab

O16 - DPF: Sweet Tooth 2 by Pogo - http://game1.pogo.com/v/8.1.6.21/applet/sw...ooth2-en_US.cab

O16 - DPF: Texas Hold'em Poker by pogo - http://game3.pogo.com/v/9.1.5.8/applet/hol...oldem-en_US.cab

O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/9.1.1.8/applet/mil...lbrae-en_US.cab

O16 - DPF: Tri-Peaks by pogo - http://game3.pogo.com/v/9.1.1.1/applet/peaks/peaks-en_US.cab

O16 - DPF: Turbo 21 v2 by pogo - http://game3.pogo.com/v/9.1.1.8/applet/tur...rbo22-en_US.cab

O16 - DPF: Vaults of Atlantis Slots by pogo - http://game3.pogo.com/v/9.1.1.1/applet/mls...slots-en_US.cab

O16 - DPF: Video Poker by pogo - http://game1.pogo.com/v/8.1.1.1/applet/vid...poker-en_US.cab

O16 - DPF: Wonderland Memories by pogo - http://game3.pogo.com/v/9.0.8.20/applet/me...ories-en_US.cab

O16 - DPF: Word Search Daily by pogo - http://game1.pogo.com/v/8.1.8.23/applet/wo...earch-en_US.cab

O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/v/8.1.7.44/applet/wh...kdown-en_US.cab

O16 - DPF: World Class Solitaire by pogo - http://game3.pogo.com/v/9.0.8.20/applet/wo...class-en_US.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v45/bejeweled/bejeweled.cab

O16 - DPF: {76716694-EADA-4810-8C3B-4826328A317F} (SmartCouponPrinter Control) - http://content.dll1.com/Connectus/SmartCou...ter20080208.cab

O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Lurch987 · November 22, 2008

Never mind, figured it out.

Thanks.

Rorschach112 · November 23, 2008

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Sign In

Here's Another One[RESOLVED]

Recommended Posts

Lurch987

Link to post

Share on other sites

Lurch987

Link to post

Share on other sites

Rorschach112

Link to post

Share on other sites

Browse

Activity