Blessings! Slow or No Internet, Need help understandinf Hijack Log

[RodneyG]

Dear friends,

My wifes computer has very slow, leading into no internet or email access and Avast4.8 is finding nothing. We clearly have connection, just not access. This has happened every 30 days or less and in the past we have found something through Avast4.8 or Windows Defender but today nothing.

After reading through the threads I have deleted everything in my temp folders, turned off system restore and ran Avast4.8. I have turned system restore back on and downloaded hi-jack this and ran it on my wifes computer. Here is the log: I am grateful for any help today, thank you!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:44 PM, on 9/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MI1933~1\Office\OUTLOOK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Owner\My Documents\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q105&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

--
End of file - 5290 bytes



THANK YOU for being here!

Rodney

[FreewheelinFrank]

Nothing obvious in the log.

Windows Defender isn't up to much- try these.

SUPERAntiSpyware Free
a-Squared Free
Malwarebytes' Anti-Malware

Download, install and update the programs.
Always select the option to quarantine any malware found rather than delete it, then you will be able to restore files or registry entries wrongly identified as malware- a rare but not unknown event for any malware scanner.

[RodneyG]

Thank you Frank!

Any other suggestions?
Also when you say Defender isn't up to much, are you saying it is essentially a waste of time?
Any time I can save would be gratefully recieved!

With Respect,

Rodney

[RodneyG]

One other question, how can I update the programs without Internet connection?

Thank you!

[FreewheelinFrank]

If there is anything, those three should find it.

I don't have any up-to-date figures on detection rates, but I've always found it pretty useless- it's been on computers I've cleaned up and not prevented an infection or been able to clean it.

I don't have it installed on XP.

XP Service Pack 3 is available, by the way, and Internet Explorer 8: both worthwhile upgrades.

[FreewheelinFrank]

One other question, how can I update the programs without Internet connection?

Thank you!

Download the installation file and definitions file (signatures) on another computer- just MalwareBytes and SuperAntiSpyware.

Definitions files here:

http://www.softpedia.com/get/Others/Signatures-Updates/

[RodneyG]

Thanks again Frank!

The updates wroked from the program, without a hitch so I am grateful.
I have internet connection (solid connection speed etc.) just no internet access or email access.

BTW, I would love to download Intenet Explorer 8, but service pack (3) gave me the blue screen of death months ago when I attempted to install it. I needed to use system restore to get my computer back online. I read several accounts of that happening to others as well.

Perhaps it was an earlier release? Do you know?
I am fearful of destroying my computer.

Thank you~

[FreewheelinFrank]

Thanks again Frank!

The updates wroked from the program, without a hitch so I am grateful.
I have internet connection (solid connection speed etc.) just no internet access or email access.

BTW, I would love to download Intenet Explorer 8, but service pack (3) gave me the blue screen of death months ago when I attempted to install it. I needed to use system restore to get my computer back online. I read several accounts of that happening to others as well.

Perhaps it was an earlier release? Do you know?
I am fearful of destroying my computer.

Thank you~

I think I remember something about earlier releases causing problems on some systems.

Here's some info from MS on installing SP3.

http://technet.microsoft.com/en-us/windows/cc164204.aspx

[Spiritsongs]

   Hi :

 I noticed from the Log an extremely outdated version of Java, an extreme security risk . Would recommend ALL Versions of this program be uninstalled
and when able to do so, get the latest version at www.java.com .
Also noticed some Facebook Entries in the Log and there has been recent News of a more virulent "Koobface" malware being released, so perhaps have
been infected with that !?

Perhaps the computer should be looked at by a trained, CERTIFIED, Volunteer
"Malware Removal Specialist" that can be found on Advanced Malware Removal
Forums, such as http://aumha.net, www.geekstogo.com, etc . They make
use of little known diagnostic programs that they have been trained to use
and remove difficult malware .

P.S. Should NOT be "Upgrading" the Operating System unless you are reasonable
sure the computer is malware-free ; Best done by One of those Experts I mentioned .