Post by: Athrin on April 16, 2006, 03:37:13 PM
Logfile of HijackThis v1.99.1
Scan saved at 4:36:55 PM, on 4/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\windows\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\avant.exe
C:\Documents and Settings\CYNTHIA\My Documents\HJT\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.com/ (http://\"http://www.comcast.com/\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/ (http://\"http://www.comcast.net/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Add to AD Black List - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Highlight - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Documents and Settings\CYNTHIA\My Documents\Avant Browser\Search.htm
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\windows\System32\shdocvw.dll
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (http://\"http://www.comcast.net/\") (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (http://\"http://www.comcastsupport.com/\") (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (http://\"http://online.comcast.net/help/\") (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
Post by: guestolo on April 16, 2006, 07:09:11 PM
Ensure you visit Windows updates and get all latest High Priority updates
I like to create a fresh system restore point before installing them
I also notice this
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
Your running an outdated version of Java
I suggest that you do the following
access this link
http://www.java.com/en/download/manual.jsp (http://\"http://www.java.com/en/download/manual.jsp\")
I find the
Windows (Offline Installation) the most reliable although it's a bigger download
Save the offline installer to desktop
Go into the Windows control panel and double click to open the Java Icon
Under the General tab>>Delete Files>>Ok the prompt
Close Java and access your add/remove programs
Remove
J2SE Runtime Environment 5.0 Update 3
and any other older updates and versions
Afterwards, Install the latest version of Java you saved to desktop
This will help to plug security holes
Post by: Athrin on April 16, 2006, 07:25:18 PM
Post by: guestolo on April 16, 2006, 07:27:26 PM
I find that 256 is minimum for XP
Others say they can run it on 128, but it's not that responsive
I wouldn't have the Sun Java updater running on startup
I don't find it that reliable
after you install the new version of Java
In the Control Panel>>Java
Uncheck>>Auto check for updates
If you don't need this entry in your log running on startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
You can have hijackthis fix checked it with all other windows closed
Reboot the computer
Here's what it's related too
Quote
Application which launches common MS Office components to help speed up the launch of Office programs. It's somewhat of a resource hog and some users claim there's no difference with or without it but it usually isn't required - Note: if you make use of the Microsoft Office Shortcut Bar outside an office program this application will need to be enabled for it to show.I'm not sure if you need this running on startup or not
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
Here's what is said about it:
Quote
SQL Servernbsp;Service Manager - provides tray access to SQL servernbsp;the server agent and MSDTC. Available via Start - Programs
Also, some, not all, find that disabling the Ewido service helps
I don't believe you even need it too run for Ewido to run properly
Try this
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- ewido security suite control
Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Then try opening Ewido and check for updates
It will warn that the service isn't running but needed
You should still be able to run a scan without it
When was the last Defragment on this computer?
Post by: Athrin on April 16, 2006, 07:32:45 PM
Post by: guestolo on April 16, 2006, 07:39:33 PM
Additionally
I would still stick another 256mb Ram in that machine
Just enquiring, this program
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
I'm not sure how it is on system resources
Does it also have Firewall protection built in?
Post by: Athrin on April 16, 2006, 07:51:37 PM
Post by: guestolo on April 16, 2006, 08:00:24 PM
Can you take a look
/rolleyes.gif\' class=\'bbc_emoticon\' alt=\':rolleyes:\' /> I'm not too familiar with the program
Post by: Athrin on April 16, 2006, 08:15:26 PM
No it doesn't i just looked
Post by: guestolo on April 16, 2006, 08:19:49 PM
and you enable it
You may want to disable the Firewall built into XP thru your Windows Control Panel
Having more than one run, can cause conflicts
Post by: Athrin on April 16, 2006, 08:29:27 PM
Post by: guestolo on April 16, 2006, 08:34:13 PM
If you don't have the Pro version, leave the XP firewall ENABLED!
Here's a comparison chart
http://www.netlimiter.com/featurelist.php (http://\"http://www.netlimiter.com/featurelist.php\")
Is the program any good?
What is it really doing for you?
Post by: Athrin on April 16, 2006, 08:35:55 PM
Post by: guestolo on April 16, 2006, 08:40:49 PM
thanks
Post by: Athrin on April 16, 2006, 08:43:45 PM
Post by: guestolo on April 16, 2006, 08:54:46 PM
Try this site
http://www.memoryx.com/ (http://\"http://www.memoryx.com/\")
You don't need to buy from there but it will help identify what memory to purchase
I just use the links on the right hand side at that page and manually search myself
Post by: Athrin on April 17, 2006, 12:18:09 AM