Computer problems with probable trojan

Posted 2/28/2008 1:40 AM
#60110
Meter31 Member

Date Joined Nov 2016
Total Posts: 3
I'm trying to clean off my friend's computer because it runs horribly and has a trojan on it. Someone suggested that I download and run HijackThis, so that is what I did. The only thing is I'm not too sure what to do with the results. I don't really know which belong on the computer and what shouldn't be there.


Here are the results:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page = http://www.lhup.edu/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO:AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptd.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM} C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.sex" -start
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\sytem32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excell - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CV-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}- C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\ Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com\fwlink\?linkid=39204
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://myheritage.com/Genoogle/Components/ActiveX/SearchEngineQuery.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1099887486687
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.lhup.edu/activex/AxisCamControl.cab
O18 - Protocol: skupe4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: iPod Service - Unknown owner- C:\Program Files\iPod\bin\iPodServcie.exe (file missing)
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Serivce: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTask Manager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


The one about the iPod, I don't know what it's doing there because she doesn't own an iPod.



Any help anyone can give me would be absolutely amazing. Thank you so much :)