02-09-2009, 01:02 AM   #1
tashawar
Registered User
 
Join Date: Feb 2009
Posts: 1
OS: xp


Please analyze my HijackThis log

Slow browsing with Internet Explorer, and also a problem accessing other network systems.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:33 AM, on 2/9/2009
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files (x86)\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
D:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
D:\Program Files (x86)\ESRI\License\arcgis9x\ARCGIS.exe
D:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
E:\lotus\notes\NLNOTES.EXE
E:\lotus\notes\ntaskldr.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://islamabad.lmkr.net/mail/mkkha...d;1,s_UseBHO;1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 134.132.104.28:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = rpm.lmkr.net;lmkr.net;202.125.112.81;<local>
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - D:\Program Files (x86)\AskSearch\bin\DefaultSearch.dll
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - D:\Program Files (x86)\alot\bin\alot.dll (file missing)
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: &Download with &DAP - D:\Program Files (x86)\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files (x86)\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: D:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://tky09.celartem.com/en/downloa...trol_en_US.cab
O16 - DPF: {98C53984-8BF8-4D11-9B1C-C324FCA9CADE} (Loader Class v3) - http://houtdw981.rd.lgc.com/qcbin/Spider90.ocx
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - http://islamabad.lmkr.net/dwa7W.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = rdx.lgc.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{14546378-446E-44B8-B9E3-60D6F05A54BF}: NameServer = 134.132.104.22,134.132.104.23
O18 - Protocol: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - D:\Program Files (x86)\LizardTech\Express View\expressview.dll
O18 - Protocol: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - D:\Program Files (x86)\LizardTech\Express View\expressview.dll
O23 - Service: ArcGIS License Manager - Unknown owner - D:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files (x86)\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files (x86)\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - D:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - D:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - D:\WINDOWS\system32\services.exe (file missing)
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - D:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - D:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - D:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - d:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - D:\WINDOWS\system32\nvsvc64.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - D:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - D:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - D:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - D:\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - D:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - D:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - D:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 7220 bytes