943,776 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)
Ad:
Permalink
Aug 4th, 2006
0

what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

Expand Post »
finally got my computer going... not in safe mode. that ashweb seems to be a huge problem.

here is my newest hijack

Logfile of HijackThis v1.99.1
Scan saved at 8:41:07 AM, on 8/4/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://195.95.218.172/index.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: localhost 127.0.0.1
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [lfoql.exe] C:\WINDOWS\System32\lfoql.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akamai.net/7/1408/995...TunesSetup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1129012798000
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...42/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{54073110-24A0-4593-A4A8-73ED5C793859}: NameServer = 85.255.116.29,85.255.112.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.134
O17 - HKLM\System\CS1\Services\Tcpip\..\{54073110-24A0-4593-A4A8-73ED5C793859}: NameServer = 85.255.116.29,85.255.112.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.29 85.255.112.134
O20 - Winlogon Notify: fslbpxhf - C:\WINDOWS\SYSTEM32\fslbpxhf.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: xoamefwa - C:\WINDOWS\SYSTEM32\xoamefwa.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



please.. anyone... this is my third attempt here. i've been without a computer for 4 weeks.
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
Tom Wade is offline Offline
21 posts
since Jul 2005
Permalink
Aug 4th, 2006
0

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

i hate to inform you but that file is a malicous file.

remove it
Reputation Points: 10
Solved Threads: 1
Light Poster
Maggot is offline Offline
26 posts
since Aug 2006
Permalink
Jul 21st, 2008
1

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

Yeah, i know it's old, but there's not a lot of information on this and this link comes up near the top of google search for ashwebsv.exe. Also, this still happens even with the newest version of HJT. I just want to make sure that nobody follows the advice of this complete idiot.

ashwebsv.exe is AVAST ANTI-VIRUS'S WEBSCANNER!!! YOU NEED IT IF YOU HAVE AVAST ANTIVIRUS!!! Furthermore, the "file missing" is a BUG in hijackthis. you will find that if you search your drive, it is likely not missing unless you uninstalled avast wrong or something. If you find the file, it's not missing, is it? If you run avast, you need it. Ignore hijack this and this idiot above. DO NOT REMOVE IT YOU WILL HAVE NO AVAST WEBSCANNER!!!
Last edited by seaniesean; Jul 21st, 2008 at 2:02 pm.
Reputation Points: 10
Solved Threads: 1
Newbie Poster
seaniesean is offline Offline
1 posts
since Jul 2008
Permalink
Jul 21st, 2008
0

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

Your problem is more than likely caused by the fact that you have THREE anti-virus programs running on the computer...at least a portions of Ewido Security Suite, and also Norton and Avast. The absolute rule is ONE anti-virus program on a computer. Pick ONE and totally UNINSTALL the others. Your choice. But be sure to UNINSTALL via Add/Remove, DON'T under any circumstances just delete them. If that Avast file shows as missing then it probably means that you attempted to uninstall but did not. You must do it the correct way otherwise portions of programs remain and cause problems.

Once you have done the uninstalls then REBOOT the computer. Delete the OLD version of HiJackThis that you have and download the newest version from HERE Be sure to install it to a folder of it's own. To do this create a new folder by right clicking on the desktop and choose New Folder. Then Rename the Folder HJT.
Download the new version of HJT to this folder and then run a new full system scan. Post back here with that new log.
You need to run a new scan with the newest version of HJT because there IS malware showing on the present log.
Last edited by jholland1964; Jul 21st, 2008 at 4:48 pm.
Moderator
Featured Poster
Reputation Points: 725
Solved Threads: 339
Posting Expert
jholland1964 is offline Offline
5,497 posts
since Jul 2008
Permalink
Jul 21st, 2008
0

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

The OP is long gone I suspect. Was posted back in 06
Moderator
Featured Poster
Reputation Points: 1142
Solved Threads: 982
Most Valuable Poster
crunchie is offline Offline
12,163 posts
since Feb 2004
Permalink
Jul 21st, 2008
0

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

Lordy! Didn't even look at the original date!
Moderator
Featured Poster
Reputation Points: 725
Solved Threads: 339
Posting Expert
jholland1964 is offline Offline
5,497 posts
since Jul 2008
Permalink
Jul 21st, 2008
0

Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)

Click to Expand / Collapse  Quote originally posted by jholland1964 ...
Lordy! Didn't even look at the original date!
Nice one, Judy!
Moderator
Reputation Points: 169
Solved Threads: 106
Central Scrutinizer
PhilliePhan is offline Offline
1,576 posts
since Dec 2006
Permalink
Apr 5th, 2010
0
Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)
ashwebsv.xe is normally a pat of avast home edition anti virus.
Reputation Points: 10
Solved Threads: 1
Newbie Poster
Nifnat is offline Offline
2 posts
since Apr 2010
Permalink
Apr 5th, 2010
0
Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)
If you are not using avast but have been in the past I sugest that you make sure you have properly uninstalled avast or that you left click ashwebsv.exe in windows task manager and end the proccess tree.
Reputation Points: 10
Solved Threads: 1
Newbie Poster
Nifnat is offline Offline
2 posts
since Apr 2010
Permalink
Apr 5th, 2010
0
Re: what is AshwebSv.exe? i think that's the one that's getting me (hijackthis log)
Thank you .
Moderator
Featured Poster
Reputation Points: 1142
Solved Threads: 982
Most Valuable Poster
crunchie is offline Offline
12,163 posts
since Feb 2004

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
This thread is currently closed and is not accepting any new replies.
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: HijackThis Log. Please help
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: Chrome\Firefox\IE\Opera all redirect to Ads





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC