Results 1 to 10 of 10
  1. #1
    Member
    Join Date
    Jan 2006
    Location
    Sydney
    Posts
    305

    Default Help please, laptop playing up, HJT log posted

    HI everyone, my ASUS laptop is still creaking along - just kidding, it was working just fine until tonight, and for some reason it's started playing up. What's concerned me is that it is slow on banking sites, and a number of .com websites (facebook etc) cannot be accessed, in particular computer/download websites, like ccleaner, Avast, filehippo etc. A few forums too, but it's the computer ones that concern me. Seems to be the same on Firefox, Chrome and IE. I've made a HJT log, can y'all please have a look, and let me know if anything is wrong/dodgy? Thanks in advance for your help!

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 00:35:37, on 19/10/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UStorSrv.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\ASUS\Wireless Console\wcourier.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nz.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = 192.168.1.101
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O15 - Trusted Zone: www.wises.co.nz
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1263806635859
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1265615801312
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37610.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5C906B2F-2533-4211-821B-0641E3C12618}: NameServer = 203.96.152.4,203.96.152.12
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

    --
    End of file - 7919 bytes

  2. #2
    Boulful Sallad goodiesguy's Avatar
    Join Date
    Mar 2010
    Location
    Dunedin
    Posts
    2,856

    Default Re: Help please, laptop playing up, HJT log posted

    Quote Originally Posted by Sick Puppy View Post
    HI everyone, my ASUS laptop is still creaking along - just kidding, it was working just fine until tonight, and for some reason it's started playing up. What's concerned me is that it is slow on banking sites, and a number of .com websites (facebook etc) cannot be accessed, in particular computer/download websites, like ccleaner, Avast, filehippo etc. A few forums too, but it's the computer ones that concern me. Seems to be the same on Firefox, Chrome and IE. I've made a HJT log, can y'all please have a look, and let me know if anything is wrong/dodgy? Thanks in advance for your help!

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 00:35:37, on 19/10/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe


    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\SpywareGuard\sgmain.exe

    C:\Program Files\SpywareGuard\sgbhp.exe

    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup

    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/reso...scbase8460.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1263806635859
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1265615801312
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37610.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe


    --
    End of file - 7919 bytes
    These should be safe to delete. But DON'T delete them until user "Speedy Gonzales" comes along and checks the log, as he is the Pro at this type of thing.
    PC: Intel® Core™ i5-650 3.20 GHz | Intel® Desktop Board DQ57TM | 8GB DDR3 RAM | Radeon HD 4870 | Windows 10 Pro 64-Bit

  3. #3
    Member
    Join Date
    Jan 2006
    Location
    Sydney
    Posts
    305

    Default Re: Help please, laptop playing up, HJT log posted

    Bumpage - any help here would be appreciated.

    Thanks Goodiesguy - The Nokia stuff relates to my phone, does fixing them mean that the program wouldn't show up on start up, or would it prevent my phone from connecting to the PC?

  4. #4
    Pretends to know things
    Join Date
    Feb 2010
    Posts
    3,532

    Default Re: Help please, laptop playing up, HJT log posted

    you might want to be careful in regards to this:
    "
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    "
    I'm pretty sure that needs to be running or else you won't be able to sync your ipod/iphone. Check with speedy.

  5. #5
    Senior Member GameJunkie's Avatar
    Join Date
    Oct 2008
    Location
    64 Bitville
    Posts
    5,182

    Default Re: Help please, laptop playing up, HJT log posted

    yeah, i'd wait for speedy's input on this
    Speed has never killed anyone, suddenly becoming stationary... That's what gets you.


    JOIN THE FREE FORUMS!!!!!!

  6. #6
    Pedantic & Cynical Member Snorkbox's Avatar
    Join Date
    Apr 2010
    Location
    Tokoroa, NZ
    Posts
    4,438

    Default Re: Help please, laptop playing up, HJT log posted

    Speedy has not been around for a few days.

  7. #7
    Computer Technician wainuitech's Avatar
    Join Date
    Aug 2007
    Location
    Wellington
    Posts
    28,112

    Default Re: Help please, laptop playing up, HJT log posted

    Quote Originally Posted by goodiesguy View Post
    These should be safe to delete. But DON'T delete them until user "Speedy Gonzales" comes along and checks the log, as he is the Pro at this type of thing.
    Holy crap, dont go posting telling people to remove things if you have no idea what they are -- saying "should be Ok " is not an option, about the only thing that is right is wait for better advise.

    If you remove a lot of those entries you will cause all sorts of problems and you certainly wont gain any access to sites.

    The HJT log is not to bad, theres no infections or nasties showing.

    this can go -its a dead entry:

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


    I'd be dumping Avast, its gone hopeless these days and is slowly becoming a system hog, missing to many infections as well as causing a lot of problems. ( had to remove 3 from peoples computers over the last two weeks, because it was corrupting the OS's and missing lots of infections)

    re the Internet -- If its only today , I wouldn't worry about it to much -- over the last week the overseas sites have been up and down faster than a Yo-Yo

    Just last week, Nod32 was blocking Piriform ( ccleaners home site) as being an attack site, as well as several other well trusted sites, I suspect something went ga-ga for some reason.

    Try checking, or resetting your host file, make sure nothing is being blocked. One way or a slightly better option and check --- download Trojan Remover Run it first to do a scan, then under Utilities, theres a few options as well as reset host file.

    Also , un-install Spyware guard - its about as good as windows defender -- in other words more trouble than its worth
    Last edited by wainuitech; 24-10-2011 at 08:04 PM.

  8. #8
    Member
    Join Date
    Dec 2004
    Location
    NZ
    Posts
    44,851

    Default Re: Help please, laptop playing up, HJT log posted

    I moved so the BB was disconnected (from 16/10 till tonight 24/10) / xferred / moved to my new address. I'm now in the middle of Otahuhu and Manukau. Which is why I havent been online

    I would get rid of Spyware Guard

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe

    O4 - Global Startup: Bluetooth Manager.lnk = ?

    O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -

    Is windows up to date?

  9. #9
    Member
    Join Date
    Jan 2006
    Location
    Sydney
    Posts
    305

    Default Re: Help please, laptop playing up, HJT log posted

    Thanks guys - will go through all these tomorrow evening and get it sorted!

    Windows - no, not even close to being up to date I think - if I cannot remember when I did it, I consider it out of date, and it's been quite a while!

    Spyware Guard - will get rid of, but what changed, I thought this was recommended? But then I think that was when I bought this laptop! lol

    Any recommendations re: replacements for Avast!? Anything but AVG, I've always found it to be a dog... but then it could be it's master!

    Internet access seems to have sorted itself, I cleared FF's history, which I don't usually do with CCleaner, and it seemed to help. Being unable ot access Piriform was one of the issues I had, and between that and my wife having access issues, I was wondering if something was wrong with Us, the router, or just the net...

    Speedy & Wainui, thank you!

  10. #10
    Pretends to know things
    Join Date
    Feb 2010
    Posts
    3,532

    Default Re: Help please, laptop playing up, HJT log posted

    Microsoft security essentials or a decent paid AV ie ESET NOD32 or kaspersky.

Similar Threads

  1. Don't Know If I Posted This B4 Or Not -------
    By SurferJoe46 in forum PC World Chat
    Replies: 2
    Last Post: 02-11-2010, 05:18 PM
  2. Replies: 2
    Last Post: 14-11-2008, 03:39 PM
  3. Replies: 6
    Last Post: 24-07-2007, 08:45 AM
  4. About the FAQ I just posted
    By Chilling_Silence in forum PressF1
    Replies: 0
    Last Post: 04-12-2002, 10:51 AM
  5. Ya! I posted first!
    By in forum PressF1
    Replies: 1
    Last Post: 01-01-2002, 12:37 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •