1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Some help on this log file

Discussion in 'Virus & Other Malware Removal' started by Muscar, Apr 17, 2008.

Thread Status:
Not open for further replies.
  1. Muscar

    Muscar Thread Starter

    Joined:
    Apr 17, 2008
    Messages:
    1
    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:19:31, on 2008-04-17
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program\Alwil Software\Avast4\ashServ.exe
    C:\Program\DELADE~1\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program\TortoiseSVN\bin\TSVNCache.exe
    C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe
    C:\Program\Bonjour\mDNSResponder.exe
    C:\Program\DCPFLICS\dcpflics.exe
    C:\Program\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program\Saitek\Software\ProfilerU.exe
    C:\Program\Saitek\Software\SaiMfd.exe
    C:\Program\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program\ALWILS~1\Avast4\ashDisp.exe
    C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\taskswitch.exe
    C:\WINDOWS\system32\atwtusb.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program\ekort\ekort.exe
    C:\Program\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\TBLMOUSE.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\OBroker.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\program\steam\steam.exe
    C:\Program\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program\Alwil Software\Avast4\ashWebSv.exe
    C:\Program\Free Download Manager\FUM\fumoei.exe
    C:\Program\Messenger\msmsgs.exe
    C:\Program\DNA\btdna.exe
    C:\Program\DAEMON Tools Lite\daemon.exe
    C:\Program\iPod\bin\iPodService.exe
    C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program\Jensen Scandinavia\AirLink_6554_Utility\ZDWlan.exe
    C:\Program\GameSpot\GameSpotDownloadManager_Win32.exe
    C:\Program\Hamachi\hamachi.exe
    C:\Program\Last.fm\LastFMHelper.exe
    C:\Program\Stardock\ObjectDock\ObjectDock.exe
    C:\Program\Windows Live\Contacts\wlcomm.exe
    C:\Program\WinRAR\WinRAR.exe
    C:\Program\Mozilla Firefox 3 Beta 5\firefox.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program\Trend Micro\HijackThis\HijackThis.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: e-kort Browser Helper Object - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\Program\ekort\Bhoekort.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\MICROS~3\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [Profiler] C:\Program\Saitek\Software\ProfilerU.exe
    O4 - HKLM\..\Run: [SaiMfd] C:\Program\Saitek\Software\SaiMfd.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\Program\DELADE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
    O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [e-kort] C:\Program\ekort\ekort.exe  /dontopenmycards
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "c:\program\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program\Free Download Manager\FUM\fumoei.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Real Desktop] "C:\Program\Real Desktop\Real Desktop.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program\DNA\btdna.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: GameSpot Download Manager.lnk = C:\Program\GameSpot\GameSpotDownloadManager_Win32.exe
    O4 - Startup: Hamachi.lnk = C:\Program\Hamachi\hamachi.exe
    O4 - Startup: Last.fm Helper.lnk = C:\Program\Last.fm\LastFMHelper.exe
    O4 - Startup: Skärmurklipp och start för OneNote 2007.lnk = C:\Program\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: AirLink 6554 Utility.lnk = C:\Program\Jensen Scandinavia\AirLink_6554_Utility\ZDWlan.exe
    O8 - Extra context menu item: Annotate With Ergo - C:\Program\Invu\Ergo\AnnotateWithErgo.html
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MIC273~1\Office12\REFIEBAR.DLL
    O9 - Extra button: e-kort - {F74E75A5-96BF-40ef-A1C8-88EAEBB82AB6} - C:\Program\ekort\ekort.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program\Free Download Manager\FUM\fumiebtn.dll (file missing)
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\MICROS~3\Office12\GR99D3~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program\Delade filer\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program\Delade filer\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe
    O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - C:\Program\DCPFLICS\dcpflics.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
    O23 - Service: LX - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Marcus\LOKALA~1\Temp\LX.exe
    O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - KALiNKOsoft - C:\Program\KALiNKOsoft\Pinnacle Game Profiler\pinnacle_updater.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program\WinPcap\rpcapd.exe
    O23 - Service: SFTETP - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Marcus\LOKALA~1\Temp\SFTETP.exe
    
    --
    End of file - 13031 bytes



    Does my system contain anything dangerous?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/704555

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice