Thread: Posting My Scanner Logs

  1. #1
    Join Date
    Nov 2008
    Posts
    3

    Posting My Scanner Logs

    Hi, I have completed the 'Read me before posting' thread; here are the logs.

    I am checking out this computer for a friend. It's slow, and he thinks it may be infected. I found one Trojan.

    Here are the logs, the gdihook.dll is a mice patch from www.grc.org

    Thanks,

    Ned

  2. #2
    Join Date
    Aug 2006
    Posts
    2,763
    YAY for Castle Wolfenstein :P
    Your logs are showing a fairly clean PC. There are some startup entries/extra programs running in the background that are taking up resources; they could be causing the system to run slower.

    I see that you have NOD32 running, along with Spybot Search and Destroy's TeaTimer. These two apps have components that may be conflicting with each other.

    It's recommended to disable Spybot's TeaTimer component while performing the scans/cleaning operations, to prevent TeaTimer from stopping other anti-spyware/malware anti-virus applications from making necessary changes to the registry.

    The MBAM log shows ONE suspect file that was quarantined/deleted successfully. I'll do a quick Google search on that particular trojan to see if there are traces that may have been missed by MBAM. [edit]~ The file listed in the MBAM log is apparently part of the Mozilla Firefox browser, associated with fbrowsing. It could be a popup/download manager, which could be exploited by malicious website content/popups, so this could be why it's being flagged.

    The gdihook.dll file is being listed because there's a possible exploit on that file. There's a security/patch for the gdihook.dll file, but it looks like your HijackThis log is reflecting that the patch has been installed. The file is showing up in the app's default directory, so it's less suspect, other than the possible exploit/s.

  3. #3
    Join Date
    Aug 2006
    Posts
    2,763
    Also, can you tell us a little more about the computer?
    I'd like to know the following:
    CPU type/speed
    How much total system memory is installed?
    How much free/used hard drive space as well.

  4. #4
    Join Date
    Nov 2008
    Posts
    3

    RE: Posting My Scanner Logs

    cauzomb,
    Both Spybot and NOD32 were off during scans, but I will disable the TeaTimer
    permanently.

    The computer is an AMD 2500xp+ with 1 gig of RAM, slightly overclocked,
    184 x 10.5 = 1932 if I remember correctly. I am not in front of it. 2 HDs,
    an 80 gig and a 160 gig; I will have to get back to you on how much is free.
    Stretch, the owner, never lets the drives fill up, but I will check tomorrow
    when I am home. Win XP SP2.

    He is having trouble with updating NOD32; it hasn't updated in months.
    I have to get with him and contact eset.com and get that fixed.

    I also need to see what all can be uninstalled that is running in the systray.

    Thanks for the help,
    Ned

  5. #5
    Join Date
    Nov 2008
    Posts
    3

    cauzomb,
    The computer has 47.3 gigs free on the C: drive and 135.2 gigs on D:
    TeaTimer disabled.

    Thanks,
    Ned
