Karl`s PC Help Forums

Hijackthis for Pancake's attention
Redwolf5150 - 5-7-2008 at 01:29

Here is the log for MY machine. Trend has been acting funny and [b]THEIR[/b] tech recommended running it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:28:08 PM, on 7/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesSeagateSchedule2schedul2.exe
C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:Program FilesCitrixICA Clientssonsvr.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DMemCrdMgr.exe
C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe
C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Tablet.exe
C:Program FilesTrend MicroInternet SecurityUfSeAgnt.exe
C:Program FilesTrend MicroBMTMBMSRV.exe
C:WINDOWSExplorer.EXE
C:Program FilesCanonCALCALMAIN.exe
C:WINDOWSsystem32dllhost.exe
C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
C:Program FilesTrend MicroInternet SecurityTmProxy.exe
C:WINDOWSehomeehtray.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesDigital Media Readerreadericon45G.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DMon.exe
C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DTskbr.exe
C:Program FilesD-Toolsdaemon.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesJavajre1.6.0_05binjusched.exe
C:Program FilesSeagateDiscWizardDiscWizardMonitor.exe
C:Program FilesSeagateDiscWizardTimounterMonitor.exe
C:Program FilesCommon FilesSeagateSchedule2schedhlp.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesBigFixBigFix.exe
C:Program FilesCMS PeripheralsBounceBack ExpressBBLauncher.exe
C:WINDOWSeHomeehmsas.exe
C:Program FilesPantonehueyPROhueyPROTray.exe
C:WINDOWSsystem32WTabletTabUserW.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:DOCUME~1OwnerLOCALS~1TempTemporary Directory 1 for HiJackThis.zipHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.gateway.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_05binssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [readericon] C:Program FilesDigital Media Readerreadericon45G.exe
O4 - HKLM..Run: [Recguard] %WINDIR%SMINSTRECGUARD.EXE
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [PDUiP6000DMon] C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DMon.exe
O4 - HKLM..Run: [PDUiP6000DTskbr] C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DTskbr.exe
O4 - HKLM..Run: [MSKDetectorExe] C:Program FilesMcAfeeSpamKillerMSKDetct.exe /uninstall
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_05binjusched.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [DiscWizardMonitor.exe] C:Program FilesSeagateDiscWizardDiscWizardMonitor.exe
O4 - HKLM..Run: [AcronisTimounterMonitor] C:Program FilesSeagateDiscWizardTimounterMonitor.exe
O4 - HKLM..Run: [Acronis Scheduler2 Service] "C:Program FilesCommon FilesSeagateSchedule2schedhlp.exe"
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [UfSeAgnt.exe] "C:Program FilesTrend MicroInternet SecurityUfSeAgnt.exe"
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [NBJ] "C:Program FilesAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: BigFix.lnk = C:Program FilesBigFixBigFix.exe
O4 - Global Startup: BounceBack Launcher.lnk = C:Program FilesCMS PeripheralsBounceBack ExpressBBLauncher.exe
O4 - Global Startup: hueyPROTray.lnk = C:Program FilesPantonehueyPROhueyPROTray.exe
O4 - Global Startup: TabUserW.exe.lnk = C:WINDOWSsystem32WTabletTabUserW.exe
O8 - Extra context menu item: Add to EverNote - res://C:Program FilesEverNoteEverNoteenbar.dll/2000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:Program FilesEverNoteEverNoteenbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:Program FilesEverNoteEverNoteenbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:Program FilesCommon FilesSeagateSchedule2schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:Program FilesCanonCALCALMAIN.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:Program FilesMAGIXCommonDatabasebinfbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Canon PIXMA iP6000D Memory Card Manager (PDUiP6000DMemCrdMgr) - CANON INC. - C:Program FilesCanonMemory Card UtilityPIXMA iP6000DPDUiP6000DMemCrdMgr.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:Program FilesAdobePhotoshop Elements 3.0PhotoshopElementsDeviceConnect.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYS
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:WINDOWSsystem32Tablet.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:Program FilesTrend MicroBMTMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 - Service: UPnPService - Magix AG - C:Program FilesCommon FilesMAGIX SharedUPnPServiceUPnPService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Owner/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 12556 bytes


Pancake - 5-7-2008 at 22:54

That all looks fine.There is no malware.Its clean