Results 1 to 2 of 2
  1. #1
    Mac Wiz nedkelly's Avatar
    Join Date
    Sep 2007
    Location
    Gulf Harbour
    Posts
    2,939

    Default HJT Scan for Speedy

    Would you be able to take a look at this?
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:49:22 p.m., on 29/09/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\TeamViewer\Version6\TeamViewer.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\NetWorx\networx.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Firefly Media Server\FireflyShell.exe
    C:\Program Files\Synergy\synergys.exe
    C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\SteamWatch\SteamWatchTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\Program Files\Stickies\stickies.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Users\***\AppData\Local\Google\Chrome\Applicati on\chrome.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Downloads\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~1\NetWorx\deskband.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,Regi sterModule
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
    O4 - HKCU\..\Run: [Google Update] "C:\Users\***\AppData\Local\Google\Update\GoogleUp date.exe" /c
    O4 - HKCU\..\Run: [FireflyShell] "C:\Program Files\Firefly Media Server\FireflyShell.exe" -q
    O4 - HKCU\..\Run: [Synergy Server] "C:\Program Files\Synergy\synergys.exe" --no-daemon --debug WARNING --name ***-PC --address :24800
    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SteamWatchTray] C:\Program Files\SteamWatch\SteamWatchTray.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: Digsby.lnk = C:\Program Files\Digsby\digsby.exe
    O4 - Startup: Stickies.lnk = C:\Program Files\Stickies\stickies.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} (DVM_IPCam2 Control) - http://10.0.0.80:49180/codebase/DVM_IPCam2.ocx
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4Com.dll
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AWUS036H - Realtek - C:\Program Files\AWUS036H Wireless LAN Utility\RtlService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Firefly Media Server - Ron Pedde - C:\Program Files\Firefly Media Server\firefly.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: SteamWatch - CL - C:\Program Files\SteamWatch\SteamWatch.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
    Quote Originally Posted by nedkelly View Post
    I did not think of that.
    Quote Originally Posted by The Error Guy View Post
    Loving the quote! "I... Did not think of that"

  2. #2
    Member
    Join Date
    Dec 2004
    Location
    NZ
    Posts
    44,851

    Default Re: HJT Scan for Speedy

    Disable Windows defender if its running

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot

    Uninstall this

    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe




Similar Threads

  1. HJT Log for Speedy if possible
    By SP8's in forum PressF1
    Replies: 5
    Last Post: 14-12-2010, 01:38 PM
  2. HJT for Speedy if possible.
    By SP8's in forum PressF1
    Replies: 7
    Last Post: 16-08-2010, 08:19 PM
  3. HJT log - thanks Speedy =)
    By mwcubsnut in forum PressF1
    Replies: 8
    Last Post: 16-07-2010, 02:02 PM
  4. HJT log for Speedy
    By lakewoodlady in forum PressF1
    Replies: 3
    Last Post: 15-01-2009, 03:57 PM
  5. Speedy G
    By JJJJJ in forum PC World Chat
    Replies: 26
    Last Post: 26-04-2008, 08:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •