Can anyone check my hijackthis log?

Hitman247m · December 16, 2006

I was wondering if anyone could check my log, see if I've got any problems I don't know about :D

Running processes:

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

C:\WINDOWS\system32\services[Caution: ExecutableFile]

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\Program Files\Windows Defender\MsMpEng[Caution: ExecutableFile]

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: ExecutableFile]

C:\WINDOWS\system32\CTsvcCDA[Caution: ExecutableFile]

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm[Caution: ExecutableFile]

C:\WINDOWS\Explorer[Caution: ExecutableFile]

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

C:\WINDOWS\system32\SatSrv[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile]

C:\WINDOWS\system32\RUNDLL32[Caution: ExecutableFile]

C:\WINDOWS\system32\Rundll32[Caution: ExecutableFile]

C:\WINDOWS\System32\DLA\DLACTRLW[Caution: ExecutableFile]

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray[Caution: ExecutableFile]

C:\DOCUME~1\Michael\LOCALS~1\Temp\clclean.0001

C:\Program Files\Java\jre1.5.0_09\bin\jusched[Caution: ExecutableFile]

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]

C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing[Caution: ExecutableFile]

C:\Program Files\Dell\Media Experience\DMXLauncher[Caution: ExecutableFile]

C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol[Caution: ExecutableFile]

C:\Program Files\Unlocker\UnlockerAssistant[Caution: ExecutableFile]

C:\WINDOWS\stsystra[Caution: ExecutableFile]

C:\Program Files\Steganos Safe 2007\SteganosHotKeyService[Caution: ExecutableFile]

C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag[Caution: ExecutableFile]

C:\Program Files\Steganos Safe 2007\SteganosAgent[Caution: ExecutableFile]

C:\Program Files\Steganos Safe 2007\fredirstarter[Caution: ExecutableFile]

C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler[Caution: ExecutableFile]

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

C:\Program Files\Windows Defender\MSASCui[Caution: ExecutableFile]

C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim[Caution: ExecutableFile]

C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile]

C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

C:\Program Files\AutoSizer\AutoSizer[Caution: ExecutableFile]

C:\Program Files\Windows Media Player\WMPNSCFG[Caution: ExecutableFile]

C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\Program Files\Internet Explorer\IEXPLORE[Caution: ExecutableFile]

C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile]

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE[Caution: ExecutableFile]

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

C:\Documents and Settings\Michael\My Documents\Programs\HijackThis[Caution: ExecutableFile]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.ca/myway

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC[Caution: ExecutableFile]" /tray

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay[Caution: ExecutableFile] SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [Password Keychain] Y:\Password Keychain\Passkeychain[Caution: ExecutableFile] /H

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MBMon] Rundll32 CTMBHA.DLL,MBMon

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW[Caution: ExecutableFile]

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg[Caution: ExecutableFile]

O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot[Caution: ExecutableFile]

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm[Caution: ExecutableFile]" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch[Caution: ExecutableFile]" -start

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile]

O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct[Caution: ExecutableFile] /uninstall

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher[Caution: ExecutableFile]

O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol[Caution: ExecutableFile] /r

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra[Caution: ExecutableFile]

O4 - HKLM\..\Run: [sAFE2007 HotKeys] C:\Program Files\Steganos Safe 2007\SteganosHotKeyService[Caution: ExecutableFile]

O4 - HKLM\..\Run: [sAFE2007 Agent] C:\Program Files\Steganos Safe 2007\SteganosAgent[Caution: ExecutableFile]

O4 - HKLM\..\Run: [sAFE2007 File Redirection Starter] C:\Program Files\Steganos Safe 2007\fredirstarter[Caution: ExecutableFile]

O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler[Caution: ExecutableFile]" /RUN_SCHEDULER

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn[Caution: ExecutableFile]" /m=0

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon[Caution: ExecutableFile]

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui[Caution: ExecutableFile]" -hide

O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef[Caution: ExecutableFile]

O4 - HKCU\..\Run: [L33TSig] "C:\Program Files\L33TSig\L33TSig[Caution: ExecutableFile] -s"

O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect[Caution: ExecutableFile]" /R

O4 - HKCU\..\Run: [ctfmon[Caution: ExecutableFile]] C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

O4 - HKCU\..\Run: [AutoSizer] "C:\Program Files\AutoSizer\AutoSizer[Caution: ExecutableFile]"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG[Caution: ExecutableFile]

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: ExecutableFile] (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: ExecutableFile] (file missing)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger[Caution: ExecutableFile]

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger[Caution: ExecutableFile]

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 2.1.87.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1507342250

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab

O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab

O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} (Logout Class) - http://www.tricksteronline.com/control/ ... ponent.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: ExecutableFile]

O23 - Service: Apache2 - Unknown owner - Z:\apache\bin\apache[Caution: ExecutableFile]" -k runservice (file missing)

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: ExecutableFile]

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc[Caution: ExecutableFile]

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost[Caution: ExecutableFile]

O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing[Caution: ExecutableFile]

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA[Caution: ExecutableFile]

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile]

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1[Caution: ExecutableFile]

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV[Caution: ExecutableFile]

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr[Caution: ExecutableFile]" -sSQLEXPRESS (file missing)

O23 - Service: mysql - Unknown owner - Z:\\mysql\bin\mysqld-nt[Caution: ExecutableFile] (file missing)

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc[Caution: ExecutableFile]

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE[Caution: ExecutableFile]

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR[Caution: ExecutableFile]

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd[Caution: ExecutableFile]" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan[Caution: ExecutableFile]

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService[Caution: ExecutableFile]

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV[Caution: ExecutableFile]

O23 - Service: Steganos AntiTheft - Unknown owner - C:\WINDOWS\system32\\SatSrv[Caution: ExecutableFile]

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]

compfreak847 · December 19, 2006

I glanced through it - looks pretty good except for "O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) " Either it's a deleted toolbar, or a virus running in memery embedded in IE :) Other then that, you look fine, and I wouldn't worry about it because your running Windows Defender. Don't take my word for it, though. I'm not an expert on HijackThis.

Mazurizi · December 19, 2006

O4 - HKCU\..\Run: [L33TSig] "C:\Program Files\L33TSig\L33TSig[Caution] -s"

Ummm... L33TSig... :-s Could be a potential Virus, I'd get rid of it anyway. No point in having it.

compfreak847 · December 19, 2006

L33TSig = Free PHP Dynamic Signature Generator for Forums, Bulletin Boards etc. Check out http://www.L33TSig.net

Mazurizi · December 19, 2006

And the need for it is minimal if you know the slightest bit of HTML.

Cruiser · December 19, 2006

And the need for it is minimal if you know the slightest bit of HTML.

And if you had any clue what you were saying, you would know dynamic signatures have nothing to do with HTML and everything to do with PHP and image output.

If you don't know what it is, you shouldn't be responding to HJT logs. Period.

Jaziek · December 19, 2006

And the need for it is minimal if you know the slightest bit of HTML.

And if you had any clue what you were saying, you would know dynamic signatures have nothing to do with HTML and everything to do with PHP and image output.

If you don't know what it is, you shouldn't be responding to HJT logs. Period.

thats a bit harsh - u dont have to know PHP to recognize spyware.

Cruiser · December 19, 2006

I never said you did. He commented on a signature generator. Random signature generators have 0 to do with HTML, which he said isn't needed if you know HTML.

Removing random things from HJT logs because "it could be a virus" can break peoples computers and isn't a good thing to be doing.

compfreak847 · December 19, 2006

Removing random things from HJT logs because "it could be a virus" can break peoples computers and isn't a good thing to be doing.

My thoughts exactally. If your not sure what it is, Google it.

Mazurizi · December 19, 2006

All I said was it is un-needed, who needs it if you're just going to put a link in your signature and some text?

If it is for making Custom Dynamic Sigs then that's ok, but most forums don't require Dynamic Signatures.

compfreak847 · December 19, 2006

I was wondering if anyone could check my log, see if I've got any problems I don't know about

He just wanted to know if he had spyware or viruses, not comments about his not needing some programs.

kopf1988 · January 1, 2007

C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag[Caution]

MusicMatch Jukebox has had spyware problems, I recommend finding something better.

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

Just wondering why you would need this as a BHO, but it is a part of DVD/CD Burning software.

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll

Do you need this running on startup? If you aren't using FTP for anything, delete this one.

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

Go ahead and delete this. It won't hurt your computer, because all necessary system processes come with names, or at least I'm pretty sure.

O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC[Caution]" /tray

Remove this, because you can run it when you want it. The more things running on startup, the slower your computer goes, gauranteed.

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay[Caution] SYSTEMBOOTHIDEPLAYER

Erase this, unless you like RealPlayer as your main player, otherwise it will just slow you down. YOUR CHOICE!

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg[Caution]

Reminds you to register Creative Labs software> You don't need it.

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution]" -atboottime

Again, to much on startup slows you down.

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher[Caution]

If you aren't using your computer as an enhanced media workstation, you won't need this. Check it out and see if you use it.

O4 - HKLM\..\Run: [CONNECTScheduler] "C:\Program Files\Sony\CONNECTAutoUpdate\CONNECTScheduler[Caution]" /RUN_SCHEDULER

I think this is part of a Digital Rights Management Program (PURE EVIL). Research this.

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn[Caution]" /m=0

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon[Caution]

GET RID OF THESE NOW!!!!!!!!!!!!!

O4 - HKCU\..\Run: [AutoSizer] "C:\Program Files\AutoSizer\AutoSizer[Caution]"

If you know what this is, then keep it. Otherwise, consider deleting. Some people use this to keep the Internet Maximized all the time.

I recommend you look through the rest after that, because that's all the help I can give for free :P lol

Can anyone check my hijackthis log?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Important Information