| Thread ID: 139560 | 2015-05-23 23:47:00 | Hijack This logfile | Richard (739) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1401239 | 2015-05-23 23:47:00 | Hi Speedy. Can you please look at this for me and advise if there is anything odd about it. There seems to be a lot of "file missing" lines. Should I delete these?
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:41:11 a.m., on 24/05/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Users\Richard\AppData\Local\Microsoft\Windows\INetCache\IE\5ZITOWRJ\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://apps.driversupport.com
O16 - DPF: {55A2C0CD-3DE8-4264-9637-A0B40B05714E} (Mail Migration) - col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=645048906
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 10260 bytes |
Richard (739) | ||
| 1401240 | 2015-05-24 03:54:00 | No, don't delete the missing files entries. It's because HJT doesn't know what the version of Windows is.
Don't think you need this.
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
This can make Windows take longer to boot. Untick it in CCleaner.
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
You don't need this in startup. Delete it in CCleaner.
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe |
Speedy Gonzales (78) | ||
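
An added example, not part of the thread: a small Python triage of a HijackThis log that lists the O4 autostart entries and sets aside "(file missing)" flags when the Platform line reads "Unknown Windows", following the reply above. The function names and report keys are this example's own, and the sample lines are a short excerpt of the posted log with the dots un-spaced.

```python
import re

# Sample input: a few entries in the format of the log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.5
Platform: Unknown Windows (WinNT 6.02.1008)
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
"""

PLATFORM = re.compile(r"^Platform:\s*(.+)$")
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")   # section code, then entry text
MISSING = "(file missing)"

def parse_log(text):
    """Return (platform, entries); each entry is (code, body, missing_flag)."""
    platform, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if (m := PLATFORM.match(line)):
            platform = m.group(1)
        elif (m := ENTRY.match(line)):
            code, body = m.groups()
            missing = body.endswith(MISSING)
            if missing:
                body = body[:-len(MISSING)].rstrip()
            entries.append((code, body, missing))
    return platform, entries

def triage(text):
    """Group entries for review; distrust 'file missing' when the platform is unknown."""
    platform, entries = parse_log(text)
    trusted = platform is not None and not platform.lower().startswith("unknown")
    report = {"platform": platform, "startup": [],
              "missing_review": [], "missing_ignored": []}
    for code, body, missing in entries:
        if code == "O4":                  # autostart entries (Run keys, Startup folder)
            report["startup"].append(body)
        if missing:
            report["missing_review" if trusted else "missing_ignored"].append(body)
    return report

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```
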
| 1401241 | 2015-05-24 04:39:00 | Thanks for the assistance speedy. Will do. | Richard (739) | ||
| 1401242 | 2015-05-24 05:38:00 | No probs | Speedy Gonzales (78) | ||