«
»

Can someone analyze my Hijackthis results for me please?

Published March 29, 2010 | By admin
Answer Girl! asked:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:53:04 PM, on 4/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Lexmark 5300 Series\lxdkmon.exe
C:\Program Files\Lexmark 5300 Series\lxdkamon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\system32\WerCon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 – BHO: SITEguard BHO – {1827766B-9F49-4854-8034-F6EE26FCB1EC} – C:\Program Files\STOPzilla!\SZSG.dll
O2 – BHO: WormRadar.com IESiteBlocker.NavFilter – {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} – C:\Program Files\AVG\AVG8\avgssie.dll
O2 – BHO: Search Helper – {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} – C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: AVG Security Toolbar – {A057A204-BACC-4D26-9990-79A187E2698E} – C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 – BHO: McAfee SiteAdvisor BHO – {B164E929-A1B6-4A06-B104-2CD0E90A88FF} – c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: Windows Live Toolbar Helper – {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} – C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 – BHO: STOPzilla Browser Helper Object – {E3215F20-3212-11D6-9F8B-00D0B743919D} – C:\Program Files\STOPzilla!\SZIEBHO.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 – Toolbar: McAfee SiteAdvisor Toolbar – {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} – c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 – Toolbar: &Windows Live Toolbar – {21FA44EF-376D-4D53-9B0F-8A89D3229068} – C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 – Toolbar: AVG Security Toolbar – {A057A204-BACC-4D26-9990-79A187E2698E} – C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 – Toolbar: STOPzilla – {98828DED-A591-462F-83BA-D2F62A68B8B8} – C:\Program Files\STOPzilla!\SZSG.dll
O4 – HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 – HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 – HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 – HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 – HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 – HKLM\..\Run: [lxdkmon.exe] “C:\Program Files\Lexmark 5300 Series\lxdkmon.exe”
O4 – HKLM\..\Run: [lxdkamon] “C:\Program Files\Lexmark 5300 Series\lxdkamon.exe”
O4 – HKLM\..\Run: [Lexmark 5300 Series Fax Server] “C:\Program Files\Lexmark 5300 Series\fm3032.exe” /s
O4 – HKLM\..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 – HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 – HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 – HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 – HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERV

Caffeinated Content – Members-Only Content for WordPress

Posted in Registry Cleaners

One Response to Can someone analyze my Hijackthis results for me please?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <font color="" face="" size=""> <span style="">

Link Partners

Home | Contact | Disclaimer | About Us | Privacy Statement
Copyright © SmartSoftwareReview.com • All Rights Reserved.
Disclosure: The website owner makes a commission if you decide to purchase any product recommended on this page.

Powered by WordPress and WordPress Theme created with Artisteer.