Post by: GazMandrake on September 20, 2016, 05:57:11 AM
Hi Techies.
Had to start a new account again as I always forget my password. I have an HP Pavilion dm4 laptop which is running like a tortoise on valium.
I will post the HijackThis logfile below. Cheers... ![\"smile.png\"](\"http://images.thetechguide.com/forum//public/style_emoticons/default/smile.png\" "\\":)\\"")
--------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:56:21, on 20/09/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
FIREFOX: 48.0.2 (x86 en-GB)
Boot mode: Normal
Running processes:
C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCompanion.exe
C:\\Users\\kaytee\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe
C:\\Program Files (x86)\\Microsoft Office\\Office12\\ONENOTEM.EXE
C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe
C:\\Program Files (x86)\\Hp\\HP Software Update\\hpwuschd2.exe
C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe
C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCompanionInfo.exe
C:\\Program Files (x86)\\AVG Web TuneUp\\vprot.exe
C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguix.exe
C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe
C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe
C:\\Program Files (x86)\\Mozilla Firefox\\plugin-container.exe
C:\\Users\\kaytee\\Downloads\\HijackThis.exe
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = https://www.wolframalpha.com/?trackid=sp-005
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = https://www.wolframalpha.com/input/?i={searchTerms}
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = https://mysearch.avg.com/?cid={46F1C0CD-46E0-44DF-99AA-AA5EFE3243DE}&mid=79b1547cadeb47cd8375cd889874b2fa-e90ce0cc189a125e275ae24fa577902929a837a4&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-12-0417:29:11&v=4.2.1.951&pid=wtu&sg=&sap=hp
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Bar = https://www.wolframalpha.com/?trackid=sp-005
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = https://www.wolframalpha.com/?trackid=sp-005
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre1.8.0_31\\bin\\ssv.dll
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\\Program Files (x86)\\Hewlett-Packard\\HP SimplePass Identity Protection\\EgisPBIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\\Program Files (x86)\\AVG Web TuneUp\\4.3.2.18\\AVG Web TuneUp.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\\Program Files (x86)\\Windows Live\\Companion\\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre1.8.0_31\\bin\\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\Resources\\HPNetworkCheck\\HPNetworkCheckPlugin.dll
O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun
O4 - HKLM\\..\\Run: [IAStorIcon] C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe
O4 - HKLM\\..\\Run: [VitaKeyTSR] C:\\Program Files (x86)\\Hewlett-Packard\\HP SimplePass Identity Protection\\EgisTSR.exe /run
O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe
O4 - HKLM\\..\\Run: [EgisUpdate] \"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d
O4 - HKLM\\..\\Run: [EgisTecPMMUpdate] \"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"
O4 - HKLM\\..\\Run: [Adobe ARM] \"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"
O4 - HKLM\\..\\Run: [AVG_UI] \"C:\\Program Files (x86)\\AVG\\Av\\avuirunnerx.exe\" C:\\Program Files (x86)\\AVG\\Av\\avgui.exe
O4 - HKLM\\..\\Run: [vProt] \"C:\\Program Files (x86)\\AVG Web TuneUp\\vprot.exe\"
O4 - HKLM\\..\\Run: [AvgUi] \"C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguirna.exe\" /lps=fmw
O4 - HKLM\\..\\Run: [Dropbox] \"C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe\" /systemstartup
O4 - HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun
O4 - HKCU\\..\\Run: [CCleaner Monitoring] \"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR
O4 - HKCU\\..\\Run: [Sony PC Companion] \"C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCompanion.exe\" /Background
O4 - HKCU\\..\\Run: [Spotify Web Helper] \"C:\\Users\\kaytee\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"
O4 - HKUS\\S-1-5-18\\..\\RunOnce: [osk.exe] osk.exe (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\RunOnce: [osk.exe] osk.exe (User \'Default user\')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\\Program Files (x86)\\Microsoft Office\\Office12\\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~2\\MICROS~4\\Office12\\EXCEL.EXE/3000
O9 - Extra button: @C:\\Program Files (x86)\\Windows Live\\Companion\\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\\Program Files (x86)\\Windows Live\\Companion\\companioncore.dll
O9 - Extra button: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra button: @C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\Resources\\HPNetworkCheck\\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\Resources\\HPNetworkCheck\\NCLauncherFromIE.exe
O9 - Extra \'Tools\' menuitem: @C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\Resources\\HPNetworkCheck\\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\Resources\\HPNetworkCheck\\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~2\\MICROS~4\\Office12\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~2\\MICROS~4\\Office12\\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~2\\MICROS~4\\Office12\\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\common files\\microsoft shared\\windows live\\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\common files\\microsoft shared\\windows live\\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\\Program Files (x86)\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\ViProtocolInstaller\\18.3.0\\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\\Program Files\\IDT\\WDM\\AESTSr64.exe
O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\\Windows\\system32\\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Framework\\Common\\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\\Program Files (x86)\\AVG\\Av\\avgwdsvca.exe
O23 - Service: BT Help Wizard - Alcatel-Lucent - C:\\Program Files (x86)\\BT Broadband Desktop Help\\btbb\\MA\\8.4.0.53.bt.10\\ma\\bin\\MAHostService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\\Program Files (x86)\\Dropbox\\Update\\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\\Program Files (x86)\\Dropbox\\Update\\DropboxUpdate.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\\SwSetup\\QuickWeb\\QW.SYS\\config\\DVMExportService.exe
O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\\Program Files (x86)\\Hewlett-Packard\\HP SimplePass Identity Protection\\EgisService.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\\Windows\\System32\\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\\Program Files (x86)\\Hewlett-Packard\\HP Support Framework\\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\\Program Files (x86)\\Hewlett-Packard\\Shared\\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\\Windows\\system32\\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\\Program Files\\Hewlett-Packard\\HP Quick Launch\\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\\Program Files (x86)\\Trusteer\\Rapport\\bin\\RapportMgmtService.exe
O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe
O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCService.exe
O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\\Program Files\\IDT\\WDM\\STacSV64.exe
O23 - Service: TunerFreeMCEService - MillieSoft - C:\\Program Files (x86)\\MillieSoft\\TunerFreeMCE\\TunerFreeMCEService.exe
O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe
O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\\Windows\\system32\\vcsFPService.exe
O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)
O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.2 - Unknown owner - C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\vToolbarUpdater\\40.3.2\\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\\Program Files (x86)\\AVG Web TuneUp\\WtuSystemSupport.exe
--
End of file - 14471 bytes
Post by: guestolo on September 24, 2016, 09:00:52 PM
Sorry for the delay, I\'m in a work camp and internet is spotty.... Do you still need a hand?
I can only help occasionally, but I can do what I can
Post by: eloyman on September 27, 2016, 04:00:01 PM
Sorry for the delay, I\'m in a work camp and internet is spotty.... Do you still need a hand?
I can only help occasionally, but I can do what I can
Wow! I had no idea the admin were still active on this site. I\'ve been a long time member since 06, and I can\'t help but check back and see what\'s new every couple of months.
Post by: guestolo on October 11, 2016, 01:54:58 PM
Still pop in at times... Seems as if GazMandrake is not returning to this topic so I\'ll lock it