Author Topic: Check up  (Read 873 times)

World
« on: April 18, 2007, 02:20:00 PM »
Just want a check up to make sure everything is fine


Logfile of HijackThis v1.99.1
Scan saved at 20:17:38, on 18/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tristan\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.miniclip.co.uk/runescape_game.html
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: MSOFFICE.EXE.lnk = C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.co.uk/puzzlepirates/mi...pGameLoader.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1123068450406
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownlo...Plugin10USA.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Active Virus Shield (AVP) - Unknown owner - C:\Program Files\AOL\Active Virus Shield\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
« Last Edit: April 18, 2007, 09:54:51 PM by guestolo »

Everlasting Death
« Reply #1 on: April 18, 2007, 08:25:16 PM »
As far as I can see you're running fine, but you might want to run Windows Update to get new stuff like IE 7.0 if you want; it's all up to you
« Last Edit: April 18, 2007, 09:54:37 PM by guestolo »

guestolo
« Reply #2 on: April 18, 2007, 09:54:21 PM »
[quote name='Everlasting Death' post='316333' date='Apr 18 2007, 06:25 PM']as far as i can see ur running fine but you might want to run windows update to get new stuff like IE 7.0 if you want, it's all up to you[/quote]

I have to say about the same thing too, no problems detected

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


guestolo
« Reply #3 on: June 09, 2007, 04:35:21 PM »
No problems, I'll lock this topic
