BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Computer problems with probable trojen
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Computer problems with probable trojen  
Forum Quick Jump
 
New Topic Post reply to : Computer problems with probable trojen Printable version of : Computer problems with probable trojen
[ << Previous Thread | Next Thread >> ]

Meter31
New Member


Date Joined Feb 2008
Total Posts : 3
 
   Posted 2/28/2008 3:40 AM (GMT +2)    Quote: Computer problems with probable trojenAlert an admin about: Computer problems with probable trojen
I'm trying to clean off my friends computer because it runs horribly and has a trojen on it. Someone I suggested that I download and run HijackThis so that is what I did. The only thing is I'm not too sure what to do with the results. I don't really know which belong on the computer and what shouldn't be there.
 
Here are the results
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.lhup.edu/
 
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
 
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
 
O2 - BHO:AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
 
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
 
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
 
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptd.dll
 
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
 
O4 - HKLM\..\Run: [IntelMeM} C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
 
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
 
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
 
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.sex" -start
 
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
 
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\sytem32\hkcmd.exe
 
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
 
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UpdaterUI.exe" /StartedFromRunKey
 
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
 
O4 - Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
 
O8 - Extra context menu item: E&xport to Microsoft Excell - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CV-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
 
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
 
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
 
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
 
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}- C:\WINDOWS\system32\Shdocvw.dll
 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\ Messenger\msmsgs.exe
 
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
 
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com\fwlink\?linkid=39204
 
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
 
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
 
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1099887486687
 
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.lhup.edu/activex/AxisCamControl.cab
 
O18 - Protocol: skupe4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
 
O23 - Service: iPod Service - Unknown owner- C:\Program Files\iPod\bin\iPodServcie.exe (file missing)
 
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
 
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
 
O23 - Serivce: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Enterprise\Mcshield.exe
 
O23 - Service: McAfee Task Manager (McTask Manager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
 
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
 
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
 
 
The one about the iPod I don't know what it's doing there because she doesn't own an iPod..
 
Any help anyone can give me would be absolutely amazing. Thank you so much :)
Back to Top
 
New Topic Post reply to : Computer problems with probable trojen Printable version of : Computer problems with probable trojen
 
Forum Information
Currently it is Sunday, November 23, 2014 11:13 PM (GMT +2)
There are a total of 60,769 posts in 13,349 threads.
In the last 3 days there were 0 new threads and 1 reply posts. View Active Threads
Who's Online
This forum has 36820 registered members. Please welcome our newest member, clairebutler.
9 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Will the problems never end? (4)11/21/2014 8:06:59 AM (Deb1957)