UnThreaded | Threaded | Whole Thread (22) | Ignore Thread Prev Thread | Next Thread
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: of 189510  
Subject: HIJack this log 2/12/13 Date: 2/12/2013 5:57 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:53:59 PM, on 2/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe
C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe
C:\Users\Jan\Local Settings\Apps\F.lux\flux.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: VisualBee V.1 Toolbar - {7aeae561-714b-45f6-ace3-4a8aed6e227b} - C:\Program Files (x86)\VisualBee_V.1\prxtbVis0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0021804 - {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: VisualBee V.1 - {7aeae561-714b-45f6-ace3-4a8aed6e227b} - C:\Program Files (x86)\VisualBee_V.1\prxtbVis0.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll
O3 - Toolbar: blekko search bar - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll
O3 - Toolbar: VisualBee V.1 Toolbar - {7aeae561-714b-45f6-ace3-4a8aed6e227b} - C:\Program Files (x86)\VisualBee_V.1\prxtbVis0.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe
O4 - HKCU\..\Run: [F.lux] "C:\Users\Jan\Local Settings\Apps\F.lux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (User 'Default user')
O4 - Startup: JustCloud.lnk = C:\Program Files (x86)\JustCloud\JustCloud.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Computer Backup (JustCloud) (BackupStack) - Just Develop It - C:\Program Files (x86)\JustCloud\BackupStack.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe
O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.1.7 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 22369 bytes
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: xSixSigmaMBB Big gold star, 5000 posts Old School Fool CAPS All Star Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183714 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 6:27 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
I'm not an expert at reading HJT logs...

Why are you posting a HJT log? What symptoms are you worried about and or concerned about? Is your computer slow? Are you getting errors? These are the kinds of things we would need to know before just posting an HJT log.

I see a couple of things however that you should probably uninstall.

ask toolbar
avg toolbar
blekko search bar
visual b search bar

Is this something that you really use? I see it listed several times as being an issue
visicom antiphishing app

Additionally, it looks like you have both an HP and a Lexmark printer installed on your computer. Is that correct? If not, you might want to uninstall one if not necessary.

xSSMBB

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183715 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 7:09 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
As asked before what are you issues?

Get rid of SpyBot ans superanti and get both Malwarebytes and ADWCleaner

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022...

http://www.bleepingcomputer.com/download/adwcleaner/

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183717 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 8:30 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Thank you for advice to date, I will work tommorrow on implementing it.

My major problem is that Google Chrome started crashing.
I uninstalled and re-installed it, but that have not helped.


.

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183718 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 8:33 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Get rid of SpyBot ans superanti
-----------------------------------

Is that the same as Spybot Search and Destroy?

.

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183719 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 8:49 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
SpyBot AND SuperAntiSpyware

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183720 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 8:53 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
ask toolbar
avg toolbar
blekko search bar
visual b search bar

======================================

removed

....

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183721 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 9:00 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
SpyBot AND SuperAntiSpyware

are uninstalled


.

Print the post Back To Top
Author: math999man Big red star, 1000 posts Old School Fool Global Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183722 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/12/2013 10:46 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Just asking - what is wrong with Spybot ?

Print the post Back To Top
Author: TwoCybers Big gold star, 5000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183728 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 7:43 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 1
mathmannn the general Expert feeling about SAS and Spybot is they are sufficiently behind the effectiveness curve as to be only drags on performance. MalwareBytes is generally regarded as the best of the pack today. If you want to up your protection a bit further, spend $25 and get the Pro version of MalwareBytes. It offers two very nice things I know about (probably more I don't know about) #1 It monitor continuously - not just user activated scans. #2 It has the Chameleon function which others have described a Root-kit.

Gordon
Atlanta

Print the post Back To Top
Author: areumad Big red star, 1000 posts Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183729 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 10:41 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Gordon said it all

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183730 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 10:51 AM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 3
Summary

big Thank You!!

biggest problem, Chrome crashing seems to be gone
computer responds faster, I think

Should I do anything else, say run HijackThis and post log, to see any remining junk?


----------------------------------------------------------------------------------------------------
xSixSigmaMBB

ask toolbar
avg toolbar
blekko search bar
visual b search bar

are gone

I am not sure which one is/was HP printer,
I got rid off fax that I am not using
------------------------------------------------------------------------------------------------

grouse100

Spybot Search and Destroy
and
SuperAntiSpyware
are removed

ran adwcleaner
http://www.bleepingcomputer.com/download/adwcleaner/

removed lots of junk

ran
Malwarebytes-Anti-Malware
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022...

Found zero offenders.


.....................................................

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183731 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 12:45 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 2
If MBAM is clean then all should be good. ADWCleaner was prolly the heavy lifter.

Hijack logs are generally of little use anymore. Most infections are hidden for hijack these days.

Gordon gave a spot on response WRT SpyBOt and SAS

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183735 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 1:46 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
This computer is Win7
I have also WinXP
is it ok to use ADWCleaner on XP?


...

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183737 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 1:51 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
From the link

Windows XP/Vista/7/8
Can be used on both 32-bit and 64-bit operating systems.

Don't forget to use MBAM also, in your case it was likely not an infection, but rather the junk collected. That is not always the case.

Print the post Back To Top
Author: TMBFAverageJoe Big funky green star, 20000 posts Top Favorite Fools Top Recommended Fools Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183743 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 2:47 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
"get both Malwarebytes and ADWCleaner"

I've had MBAM all along, and had just now installed and ran ADWCleaner.
It gave me the below log.
The last entry is: >>OK. File is clean.<<
Do I have to delete anything?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 11:34:18
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : End User - SYSTEM1
# Boot Mode : Normal
# Running from : G:\z\all programs\AdwCleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Found : C:\Documents and Settings\End User\Application Data\Babylon
Folder Found : C:\Documents and Settings\End User\Start Menu\Programs\Browser Manager

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E44926-2497-46F3-8A25-928136AC079E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E44926-2497-46F3-8A25-928136AC079E}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BrowserMngr
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{41D42E90-86D2-4521-9847-625D114F7D30}
Key Found : HKLM\SOFTWARE\Classes\Interface\{622382CB-942C-4580-A2B3-7B06A58D8538}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4E09482-2C6A-44B2-8D40-ABC01B36BB9D}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F9E44926-2497-46F3-8A25-928136AC079E}
Key Found : HKU\S-1-5-21-789336058-1659004503-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6000.17115

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=113543&tt=3612_7&babsrc=HP...

-\\ Mozilla Firefox v10.0.12 (en-US)

File : C:\Documents and Settings\End User\Application Data\Mozilla\Firefox\Profiles\jnxakkaj.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2785 octets] - [13/02/2013 11:34:18]

########## EOF - C:\AdwCleaner[R1].txt - [2845 octets] ##########

Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183744 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 3:01 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Yes, only part was clean - now that you've run part 1 do the delete - it will remove babylon amongst other junk

Print the post Back To Top
Author: PSUEngineer Big funky green star, 20000 posts Top Favorite Fools Top Recommended Fools Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183745 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 3:14 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
get both Malwarebytes and ADWCleaner

Does it matter which one you run first?

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183746 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 3:18 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
No - they go after diff things.

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183748 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 4:16 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
My Win7 64bit computer, a subject of this thread is holding up.
looks like it is fixed. Thank you again.

-------------------------------------------------------------

I have another, older computer, WinXP 32bit
Possibly I should start another thread, please advice.

On WinXP computer I did similar preliminary cleanup.
Tool bars out
SpyBot and Super AntiSyware out.

Installed ADWCleaner
It shows lots of junk.

When I try to delete that junk, computer hangs up.

Any advice?


.

Print the post Back To Top
Author: grouse100 Big gold star, 5000 posts Feste Award Nominee! Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183751 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/13/2013 5:00 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Run malwalbytes first and then see

Have you run ccleaner??

try running ADW in safe mode

Print the post Back To Top
Author: JanSz Big red star, 1000 posts Old School Fool Add to my Favorite Fools Ignore this person (you won't see their posts anymore) Number: 183785 of 189510
Subject: Re: HIJack this log 2/12/13 Date: 2/15/2013 7:13 PM
Post New | Post Reply | Reply Later | Create Poll . Report this Post | Recommend it!
Recommendations: 0
Run malwalbytes first and then see

Have you run ccleaner??

try running ADW in safe mode
---------------------------------------------------

This is what I did.

After running ADWCleaner in safe mode
there was still junk shown in regular mode,
but this time I was able to run ADWCleaner in normal mode.
----------------------------------------------------

Thank you guys for great support.



.

Print the post Back To Top
UnThreaded | Threaded | Whole Thread (22) | Ignore Thread Prev Thread | Next Thread
Advertisement