A friend of mine has told me of problems she has been having when using the internet. I have got her to do a HiJack This log and got her to e-mail it to me.
Could someone take a look and see if there are problems.
I am guessing that there are and the next problem is how to do something about it. It won't be possible for the owner to engage in posting to the forum and going through the processes and steps that other posters do, it would be beyond their scope.
I have volunteered to take the computer of them and try and get it sorted out if necessary.Would it be possible to tell from the log exactly what problems there are and how serious they are so I could advise.
Many Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:35:31, on 28/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/news/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 88.198.198.204 google.ae
O1 - Hosts: 88.198.198.204 google.as
O1 - Hosts: 88.198.198.204 google.at
O1 - Hosts: 88.198.198.204 google.az
O1 - Hosts: 88.198.198.204 google.ba
O1 - Hosts: 88.198.198.204 google.be
O1 - Hosts: 88.198.198.204 google.bg
O1 - Hosts: 88.198.198.204 google.bs
O1 - Hosts: 88.198.198.204 google.ca
O1 - Hosts: 88.198.198.204 google.cd
O1 - Hosts: 88.198.198.204 google.com.gh
O1 - Hosts: 88.198.198.204 google.com.hk
O1 - Hosts: 88.198.198.204 google.com.jm
O1 - Hosts: 88.198.198.204 google.com.mx
O1 - Hosts: 88.198.198.204 google.com.my
O1 - Hosts: 88.198.198.204 google.com.na
O1 - Hosts: 88.198.198.204 google.com.nf
O1 - Hosts: 88.198.198.204 google.com.ng
O1 - Hosts: 88.198.198.204 google.ch
O1 - Hosts: 88.198.198.204 google.com.np
O1 - Hosts: 88.198.198.204 google.com.pr
O1 - Hosts: 88.198.198.204 google.com.qa
O1 - Hosts: 88.198.198.204 google.com.sg
O1 - Hosts: 88.198.198.204 google.com.tj
O1 - Hosts: 88.198.198.204 google.com.tw
O1 - Hosts: 88.198.198.204 google.dj
O1 - Hosts: 88.198.198.204 google.de
O1 - Hosts: 88.198.198.204 google.dk
O1 - Hosts: 88.198.198.204 google.dm
O1 - Hosts: 88.198.198.204 google.ee
O1 - Hosts: 88.198.198.204 google.fi
O1 - Hosts: 88.198.198.204 google.fm
O1 - Hosts: 88.198.198.204 google.fr
O1 - Hosts: 88.198.198.204 google.ge
O1 - Hosts: 88.198.198.204 google.gg
O1 - Hosts: 88.198.198.204 google.gm
O1 - Hosts: 88.198.198.204 google.gr
O1 - Hosts: 88.198.198.204 google.ht
O1 - Hosts: 88.198.198.204 google.ie
O1 - Hosts: 88.198.198.204 google.im
O1 - Hosts: 88.198.198.204 google.in
O1 - Hosts: 88.198.198.204 google.it
O1 - Hosts: 88.198.198.204 google.ki
O1 - Hosts: 88.198.198.204 google.la
O1 - Hosts: 88.198.198.204 google.li
O1 - Hosts: 88.198.198.204 google.lv
O1 - Hosts: 88.198.198.204 google.ma
O1 - Hosts: 88.198.198.204 google.ms
O1 - Hosts: 88.198.198.204 google.mu
O1 - Hosts: 88.198.198.204 google.mw
O1 - Hosts: 88.198.198.204 google.nl
O1 - Hosts: 88.198.198.204 google.no
O1 - Hosts: 88.198.198.204 google.nr
O1 - Hosts: 88.198.198.204 google.nu
O1 - Hosts: 88.198.198.204 google.pl
O1 - Hosts: 88.198.198.204 google.pn
O1 - Hosts: 88.198.198.204 google.pt
O1 - Hosts: 88.198.198.204 google.ro
O1 - Hosts: 88.198.198.204 google.ru
O1 - Hosts: 88.198.198.204 google.rw
O1 - Hosts: 88.198.198.204 google.sc
O1 - Hosts: 88.198.198.204 google.se
O1 - Hosts: 88.198.198.204 google.sh
O1 - Hosts: 88.198.198.204 google.si
O1 - Hosts: 88.198.198.204 google.sm
O1 - Hosts: 88.198.198.204 google.sn
O1 - Hosts: 88.198.198.204 google.st
O1 - Hosts: 88.198.198.204 google.tl
O1 - Hosts: 88.198.198.204 google.tm
O1 - Hosts: 88.198.198.204 google.tt
O1 - Hosts: 88.198.198.204 google.us
O1 - Hosts: 88.198.198.204 google.vu
O1 - Hosts: 88.198.198.204 google.ws
O1 - Hosts: 88.198.198.204 google.co.ck
O1 - Hosts: 88.198.198.204 google.co.id
O1 - Hosts: 88.198.198.204 google.co.il
O1 - Hosts: 88.198.198.204 google.co.in
O1 - Hosts: 88.198.198.204 google.co.jp
O1 - Hosts: 88.198.198.204 google.co.kr
O1 - Hosts: 88.198.198.204 google.co.ls
O1 - Hosts: 88.198.198.204 google.co.ma
O1 - Hosts: 88.198.198.204 google.co.nz
O1 - Hosts: 88.198.198.204 google.co.tz
O1 - Hosts: 88.198.198.204 google.co.ug
O1 - Hosts: 88.198.198.204 google.co.uk
O1 - Hosts: 88.198.198.204 google.co.za
O1 - Hosts: 88.198.198.204 google.co.zm
O1 - Hosts: 88.198.198.204 google.com
O1 - Hosts: 88.198.198.204 google.com.af
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Pinting\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\CommonFiles\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe"
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Update Service (gupdate1ca3c6bf18e55c) (gupdate1ca3c6bf18e55c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe