HijackThis Log Please

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Codemaster

Thread Starter
Joined
May 5, 2001
Messages
529
Logfile of HijackThis v1.99.1
Scan saved at 2:53:27 AM, on 6/26/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\System32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
F:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVGANT~1\avgamsvr.exe
C:\PROGRA~1\AVGANT~1\avgupsvc.exe
F:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\System32\UAService7.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\Microsoft IntelliPoint\point32.exe
F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Microsoft AntiSpyware Beta\gcasServ.exe
C:\PROGRA~1\AVGANT~1\avgcc.exe
C:\PROGRA~1\AVGANT~1\avgemc.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft AntiSpyware Beta\gcasDtServ.exe
F:\WINDOWS\System32\ctfmon.exe
F:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
F:\WINDOWS\System32\rundll32.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
F:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
F:\WINDOWS\explorer.exe
f:\program files\winamp\winamp.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla\firefox.exe
C:\Program Files\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gamefaqs.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gamefaqs.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [IntelliPoint] "F:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PRONoMgr.exe] F:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware Beta\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\AVGANT~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\AVGANT~1\avgemc.exe
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Remote Control] F:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: SATARaid.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - F:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O23 - Service: Abpvcclr - - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\AVGANT~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\AVGANT~1\avgupsvc.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - F:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Macromedia Licensing Service - Macromedia - F:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - F:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - F:\WINDOWS\System32\UAService7.exe



Thanks all.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
119,673
Rescan with HijackThis, close all browser windows except HijackThis, put a check mark beside these entries and click “fix checked.”

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O23 - Service: Abpvcclr - - (no file)


Are you having any particular problems?
 

Codemaster

Thread Starter
Joined
May 5, 2001
Messages
529
No problems in particular, I just like to do a check every once ina while. However, the:

O23 - Service: Abpvcclr - - (no file)

won't go away, how can we eliminate this?
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
119,673
Click Start – Run - and type in:

services.msc

Click OK.

In the services window find: Abpvcclr.

Right click and choose Properties. On the General tab under Service Status click the Stop button to stop the service. Beside Startup Type in the dropdown menu select Disabled. Click Apply then OK. Exit the Services utility.

Note: You may get an error here when trying to access the properties of the service. If you do get an error, just select the service and look there in the top left of the main service window and click "Stop" to stop the service.

Reboot with Hijack This and fix that entry again.

Then post another log please.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top