Can someone please take a look at this?

By Jonesyuk225
Jun 21, 2010
  1. I am not sure that there is anything wrong but could do with someone taking a look at this log if poss?

    Logfile of HijackThis v1.99.1
    Scan saved at 10:28:14, on 21/06/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)

    Running processes:
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UdaterUI.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Network Associates\Common Framework\McTray.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Network Associates\VirusScan\mcupdate.exe
    C:\Program Files\Network Associates\Common Framework\McScript_InUse.exe
    C:\Documents and Settings\nbeverley\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - (no file)
    R3 - URLSearchHook: BigMAQ Toolbar - {7f312b9a-208b-49fa-8218-b9aa22ec1463} - C:\Program Files\BigMAQ\tbBig0.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: BigMAQ Toolbar - {7f312b9a-208b-49fa-8218-b9aa22ec1463} - C:\Program Files\BigMAQ\tbBig0.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: BigMAQ Toolbar - {7f312b9a-208b-49fa-8218-b9aa22ec1463} - C:\Program Files\BigMAQ\tbBig0.dll
    O4 - HKLM\..\Run: [shstatexe] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [mcafeeupdaterui] "C:\Program Files\Network Associates\Common Framework\UdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [nbeverley] C:\Documents and Settings\nbeverley\nbeverley.exe /i
    O4 - HKCU\..\Run: [{34BC01DA-C74E-5DD1-59B3-5B7D7342BBEB}] "C:\Documents and Settings\nbeverley\Application Data\Iritub\taon.exe"
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O11 - Options group: [java_sun] Java (Sun)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
    O16 - DPF: {E6ACF817-0A85-4EBE-9F0A-096C6488CFEA} (NTR ActiveX 1.1.8) -
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ARENADISLEY.LOCAL
    O17 - HKLM\Software\..\Telephony: DomainName = ARENADISLEY.LOCAL
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ARENADISLEY.LOCAL
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ARENADISLEY.LOCAL
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: lmiinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - %fystemRoot%\system32\svchost.exe (file missing)
    O23 - Service: Bonjour Service (bonjour service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: iPod Service (ipod service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (javaquickstarterservice) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
    O23 - Service: Network Associates McShield (McShield) - McAfee, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Automatic Updates (wuauserv) - Unknown owner - %fystemroot%\system32\svchost.exe (file missing)
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Why are you leaving this log? What problems are you having? We don't 'screen' with HijackThis.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...