
Hijack Log - can you help please

donny-gal Posts: 4,657 Forumite
edited 10 September 2014 at 2:36PM in Techie Stuff
Hi
Trying to sort a laptop out for an elderly neighbour. Got it reasonable, and working now, but can anyone give me any advice on the log?
DG
Member #8 of the SKI-ers Club
Why is it I have less time now I am retired than when I worked?

Comments

  • donny-gal
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Launch Manager\OSD.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\FSP\FspUip.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\explorer.exe
    C:\Users\Gerald\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    https://uk.yahoo.com?fr=hp-avast&type=avastbcl
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
    https://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    https://uk.yahoo.com?fr=hp-avast&type=avastbcl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
    https://uk.yahoo.com?fr=hp-avast&type=avastbcl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    https://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    https://uk.yahoo.com?fr=hp-avast&type=avastbcl
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  • donny-gal
    O2 - BHO: (no name) - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper -
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
    Files\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security -
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST
    Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper -
    {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
    Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -
    C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
    {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
    Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - (no file)
    O3 - Toolbar: Easy Photo Print -
    {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson
    Software\Easy Photo Print\EPTBL.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix
    Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [LMgrVolOSD] "C:\Program Files\Launch Manager\OSD.exe"
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [fspuip] "C:\Program Files\FSP\fspuip.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program
    Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST
    Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
    Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe"
    /minimized /regrun
    O4 - HKCU\..\Run: [EPSON SX510W Series]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU
    "C:\Windows\TEMP\E_S20F8.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Epson Stylus SX510W(Network)]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU
    "C:\Windows\TEMP\E_S6DD0.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [EPSON81FB45]
    C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU
    "C:\Windows\TEMP\E_SDBEE.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
    Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin]
    C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
    Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin]
    C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview]
    "C:\Windows\System32\SPReview\SPReview.exe" /sp:1
    /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915"
    /build:7601 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview]
    "C:\Windows\System32\SPReview\SPReview.exe" /sp:1
    /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915"
    /build:7601 (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver -
    res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: eBay Search - res://C:\Program
    Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O9 - Extra button: @C:\Program Files\Windows
    Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
    Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows
    Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -
    {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows
    Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}
    - http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing)
    (HKCU)
    O9 - Extra 'Tools' menuitem: eBay.co.uk -
    {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -
    http://rover.ebay.com/rover/1/710-72741-17534-1/4 (file missing)
    (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\common
    files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common
    files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
    Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
    http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
    C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
    C:\Program Files\Windows Live\Photo
    Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe
    Systems Incorporated - C:\Program Files\Common
    Files\Adobe\ARM\1.0\armsvc.exe
  • donny-gal
    O23 - Service: Adobe Flash Player Update Service
    (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -
    C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program
    Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION -
    C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON
    CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON
    CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    O23 - Service: Firebird Server - MAGIX Instance
    (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program
    Files\ALDI\Common\Database\bin\fbserver.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc.
    - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google
    Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
    Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) -
    Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage
    Manager\IAANTMon.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program
    Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program
    Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files\Common
    Files\Motive\pcCMService.exe
    O23 - Service: ProtexisLicensing - Unknown owner -
    C:\Windows\system32\PSIService.exe
    O23 - Service: Macrium Reflect Image Mounting Service
    (ReflectService.exe) - Paramount Software UK Ltd - C:\Program
    Files\Macrium\Reflect\ReflectService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies -
    C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program
    files\idt\wdm\STacSV.exe
    O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch
    Manager\WisLMSvc.exe

    --
    End of file - 9094 bytes
  • donny-gal
    Sorry it's in 3 bits, but having problems posting it.

    Machine spec
    Windows 7 Home Premium 32 bit SP1
    Pentium Dual Core CPU T4500 @2.30GHz
    4Gb Ram
    Mobile Intel Series Express Chipset Family

    Loads of space 212gb free of 256gb.

    Thanks in advance
    DG
This discussion has been closed.