
Solved: Log for checking

Discussion in 'Virus & Other Malware Removal' started by eddie5659, Feb 17, 2007.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,168
    Hiya

    My gaming clan (I know, sad) have asked me to look at their PCs due to slowness when gaming etc. If all clear from spyware etc, I'll clean up their starting programs ;)


    Logfile of HijackThis v1.99.1
    Scan saved at 06:45:56, on 2007-02-17
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16414)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program\Java\jre1.5.0_11\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\system32\PRISMSTA.EXE
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program\Telia\Telias Sakerhetstjanster\Common\FSM32.EXE
    C:\Program\HP\HP Software Update\HPWuSchd2.exe
    C:\Program\HP\hpcoretech\hpcmpmgr.exe
    C:\Program\AceGain\LiveUpdate\LiveUpdate.exe
    C:\Program\DAEMON Tools\daemon.exe
    C:\Program\QuickTime\qttask.exe
    C:\Program\A4Tech\Mouse\Amoumain.exe
    C:\Program\Delade filer\Logitech\G-series Software\LGDCore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
    C:\Program\Messenger\msmsgs.exe
    C:\Program\HDD Thermometer\HDD Thermometer.exe
    C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fsgk32st.exe
    C:\Program\Telia\Telias Sakerhetstjanster\backweb\7836882\program\fsbwsys.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\FSGK32.EXE
    C:\Program\Telia\Telias Sakerhetstjanster\Common\FSMA32.EXE
    C:\Program\Telia\Telias Sakerhetstjanster\Common\FSMB32.EXE
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fssm32.exe
    C:\Program\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
    C:\Program\Telia\Telias Sakerhetstjanster\backweb\7836882\Program\fspex.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Common\FCH32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fsqh.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Common\FAMEH32.EXE
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fsrw.exe
    C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program\Telia\Telias Sakerhetstjanster\FWES\Program\fsdfwd.exe
    C:\Program\Telia\TELIAS~1\ANTI-S~1\fsaw.exe
    C:\Program\Telia\Telias Sakerhetstjanster\FSGUI\fsguidll.exe
    C:\Program\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRAM\WINZIP\wzqkpick.exe
    C:\PROGRAM\WINZIP\winzip32.exe
    D:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliens.se/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.telia.se/buysecurityonline
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\Telia\Telias Sakerhetstjanster\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\Telia\Telias Sakerhetstjanster\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\Telia\Telias Sakerhetstjanster\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program\AceGain\LiveUpdate\LiveUpdate.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WheelMouse] C:\Program\A4Tech\Mouse\Amoumain.exe
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Delade filer\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Delade filer\Logitech\LCD Manager\lcdmon.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program\HDD Thermometer\HDD Thermometer.exe
    O4 - HKCU\..\Run: [EA Core] "C:\Program\Electronic Arts\EA Link\Core.exe" -silent
    O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Snabbstarta.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Telias säkerhetstjänster.lnk = C:\Program\Telia\Telias Sakerhetstjanster\backweb\7836882\Program\fspex.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Blockera detta popup-fönster - C:\Program\Telia\Telias Sakerhetstjanster\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: IE-sköld - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias Sakerhetstjanster\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-sköld... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\Telia\Telias Sakerhetstjanster\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: @C:\Program\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {5BF56AD2-E297-416E-BC49-000004010010} - https://cve.trust.telia.com/TeliaElegUpgrade/iidsetup.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Telias säkerhetstjänster (BackWeb Plug-in - 7836882) - BackWeb Technologies Inc. - C:\Program\Telia\TELIAS~1\backweb\7836882\Program\SERVIC~1.EXE
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program\Telia\Telias Sakerhetstjanster\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\Telia\Telias Sakerhetstjanster\backweb\7836882\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\Telia\Telias Sakerhetstjanster\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program\Telia\Telias Sakerhetstjanster\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


    Thanks

    eddie
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Looks okay to me.
     
  3. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Joined:
    Mar 19, 2001
    Messages:
    35,168
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    No problem. :)
     

Short URL to this thread: https://techguy.org/544827
