Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > hjt log advice needed

Reply
Thread Tools

hjt log advice needed

 
 
ellis_jay
Guest
Posts: n/a
 
      03-24-2005
Logfile of HijackThis v1.99.1
Scan saved at 3:40:47 PM, on 3/24/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1
for hijackthis[1].zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://srch-us7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\hp\KBD\kbd.exe
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP
Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common
Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe"
/server
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program
Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program
Files\InterMute\SpySubtract\SpySub.exe
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
http://online.comcast.net/help/ (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program
Files\AIM95\aim.exe
O9 - Extra button: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O12 - Plugin for .bcf: C:\Program Files\Internet
Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall-beta.trendmicro.com...ll/xscan60.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
(PPSDKActiveXScanner.MainScreen) -
http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} -
http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.co...?1111117462171
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data
Transfer Control) - http://racing.youbet.com/wr_4_0/controls/ybrequest.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware
Scanner) -
http://download.zonelabs.com/bin/pro...tor/WebAAS.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} (YBUICtrl.FloatWnd.1) -
http://racing.youbet.com/controls/YBUICtrl.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe

thanx

--
He released government from the restraint of law.
____Lord Acton on Niccolo Machiavelli (1469-1527), George W. Bush, and the
Straussian neocons

Ellis_Jay


 
Reply With Quote
 
 
 
 
Steve P
Guest
Posts: n/a
 
      03-24-2005


"ellis_jay" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Logfile of HijackThis v1.99.1
> Scan saved at 3:40:47 PM, on 3/24/2005
> Platform: Windows XP SP1 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
> C:\Program Files\Alwil Software\Avast4\ashServ.exe
> C:\windows\system\hpsysdrv.exe
> C:\hp\KBD\kbd.exe
> C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
> C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
> C:\WINDOWS\System32\svchost.exe
> c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
> C:\WINDOWS\system32\ZoneLabs\vsmon.exe
> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1
> for hijackthis[1].zip\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.comcast.net/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.comcast.net/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
> Microsoft
> Internet Explorer provided by Comcast
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = localhost
> R3 - Default URLSearchHook is missing
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
> C:\HP\EXPLOREBAR\HPTOOLKT.DLL
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
> C:\WINDOWS\System32\msdxm.ocx
> O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
> O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
> O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
> O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
> O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
> O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
> O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
> O4 - HKLM\..\Run: [KBD] C:\hp\KBD\kbd.exe
> O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
> O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
> Labs\ZoneAlarm\zlclient.exe"
> O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP
> Studios\WinPatrol\winpatrol.exe
> O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common
> Files\Sonic\Update Manager\sgtray.exe" /r
> O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe"
> /server
> O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program
> Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> Files\Java\jre1.5.0_01\bin\jusched.exe
> O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
> O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
> Destroy\TeaTimer.exe
> O4 - Global Startup: SpySubtract.lnk = C:\Program
> Files\InterMute\SpySubtract\SpySub.exe
> O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
> http://www.comcast.net/ (file missing)
> O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
> http://www.comcastsupport.com/ (file missing)
> O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
> http://online.comcast.net/help/ (file missing)
> O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
> C:\Program
> Files\AIM95\aim.exe
> O9 - Extra button: Yahoo! Messenger -
> {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
> C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
> O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
> {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
> C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\MSMSGS.EXE
> O9 - Extra 'Tools' menuitem: Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\MSMSGS.EXE
> O12 - Plugin for .bcf: C:\Program Files\Internet
> Explorer\Plugins\NPBelv32.dll
> O12 - Plugin for .spop: C:\Program Files\Internet
> Explorer\Plugins\NPDocBox.dll
> O16 - DPF: ppctlcab -
> http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
> O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
> http://housecall-beta.trendmicro.com...ll/xscan60.cab
> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
> scanner) -
> http://security.symantec.com/sscv6/S...in/AvSniff.cab
> O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
> (PPSDKActiveXScanner.MainScreen) -
> http://ppupdates.ca.com/downloads/scanner/axscanner.cab
> O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} -
> http://www.xblock.com/download/xclean_micro.exe
> O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
> http://v5.windowsupdate.microsoft.co...?1111117462171
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> Class) -
> http://security.symantec.com/sscv6/S.../bin/cabsa.cab
> O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data
> Transfer Control) - http://racing.youbet.com/wr_4_0/controls/ybrequest.cab
> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
> http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
> O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
> Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
> O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware
> Scanner) -
> http://download.zonelabs.com/bin/pro...tor/WebAAS.cab
> O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
> http://us.dl1.yimg.com/download.yaho...tocomplete.cab
> O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} (YBUICtrl.FloatWnd.1) -
> http://racing.youbet.com/controls/YBUICtrl.cab
> O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
> Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
> O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
> O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
> Software\Avast4\ashServ.exe
> O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program
> Files\Alwil
> Software\Avast4\ashMaiSv.exe" /service (file missing)
> O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
> Software\Avast4\ashWebSv.exe" /service (file missing)
> O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
> C:\WINDOWS\System32\nvsvc32.exe
> O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC -
> C:\WINDOWS\system32\ZoneLabs\vsmon.exe
>
> thanx
>
> --
> He released government from the restraint of law.
> ____Lord Acton on Niccolo Machiavelli (1469-1527), George W. Bush, and the
> Straussian neocons
>
> Ellis_Jay
>
>

Try pasting to http://www.hijackthis.de/


 
Reply With Quote
 
 
 
 
WormWood
Guest
Posts: n/a
 
      03-24-2005
http://hijackthis.de/en


"ellis_jay" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Logfile of HijackThis v1.99.1
> Scan saved at 3:40:47 PM, on 3/24/2005
> Platform: Windows XP SP1 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:

<snip>


 
Reply With Quote
 
Jim
Guest
Posts: n/a
 
      03-24-2005
We can see from line one Running processes_C:\WINDOWS\System32\smss.exe
that you are a distgusting pervert.
I must point your attention to smss.exe, which as everyone knows is a "sado
masocistis sex servent", with EXTRA.
I suggest politions should stick to their own sick perverted rooms, and
leave the commoners alone.
I do not wish to go into detail of what winlogon.exe means, but is it
windows icons nonces logon.extreme.
I dont wont to know how my car works but I do.
I dont want to know about why the Americans are fighting over Oil, but I do.
I want to know why cars are not running on hydrogen & oxygen, but I do.
And most of all, I dont wont to know about your **** problems that make your
computer not work!.

Sad. what a waste of Intelligence?.

"ellis_jay" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Logfile of HijackThis v1.99.1
> Scan saved at 3:40:47 PM, on 3/24/2005
> Platform: Windows XP SP1 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
> C:\Program Files\Alwil Software\Avast4\ashServ.exe
> C:\windows\system\hpsysdrv.exe
> C:\hp\KBD\kbd.exe
> C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
> C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
> C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
> C:\WINDOWS\System32\svchost.exe
> c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
> C:\WINDOWS\system32\ZoneLabs\vsmon.exe
> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 1
> for hijackthis[1].zip\HijackThis.exe
>
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.comcast.net/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
> http://us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
> http://srch-us7.hpwis.com/
> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
> http://srch-us7.hpwis.com/
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://www.comcast.net/
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
> Microsoft
> Internet Explorer provided by Comcast
> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
> Settings,ProxyOverride = localhost
> R3 - Default URLSearchHook is missing
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
> O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} -
> C:\HP\EXPLOREBAR\HPTOOLKT.DLL
> O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
> C:\WINDOWS\System32\msdxm.ocx
> O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
> O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
> O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
> O4 - HKLM\..\Run: [AutoTBar] C:\hp\bin\autotbar.exe
> O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
> O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
> O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
> O4 - HKLM\..\Run: [KBD] C:\hp\KBD\kbd.exe
> O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
> O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
> Labs\ZoneAlarm\zlclient.exe"
> O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP
> Studios\WinPatrol\winpatrol.exe
> O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common
> Files\Sonic\Update Manager\sgtray.exe" /r
> O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe"
> /server
> O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program
> Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
> O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> Files\Java\jre1.5.0_01\bin\jusched.exe
> O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
> O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
> Destroy\TeaTimer.exe
> O4 - Global Startup: SpySubtract.lnk = C:\Program
> Files\InterMute\SpySubtract\SpySub.exe
> O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} -
> http://www.comcast.net/ (file missing)
> O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} -
> http://www.comcastsupport.com/ (file missing)
> O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} -
> http://online.comcast.net/help/ (file missing)
> O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
> C:\Program
> Files\AIM95\aim.exe
> O9 - Extra button: Yahoo! Messenger -
> {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
> C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
> O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
> {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -
> C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\MSMSGS.EXE
> O9 - Extra 'Tools' menuitem: Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\MSMSGS.EXE
> O12 - Plugin for .bcf: C:\Program Files\Internet
> Explorer\Plugins\NPBelv32.dll
> O12 - Plugin for .spop: C:\Program Files\Internet
> Explorer\Plugins\NPDocBox.dll
> O16 - DPF: ppctlcab -
> http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
> O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
> http://housecall-beta.trendmicro.com...ll/xscan60.cab
> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
> scanner) -
> http://security.symantec.com/sscv6/S...in/AvSniff.cab
> O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13}
> (PPSDKActiveXScanner.MainScreen) -
> http://ppupdates.ca.com/downloads/scanner/axscanner.cab
> O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} -
> http://www.xblock.com/download/xclean_micro.exe
> O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
> http://v5.windowsupdate.microsoft.co...?1111117462171
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> Class) -
> http://security.symantec.com/sscv6/S.../bin/cabsa.cab
> O16 - DPF: {670821E0-76D1-11D4-9F60-009027A966BF} (YouBet Secure Data
> Transfer Control) - http://racing.youbet.com/wr_4_0/controls/ybrequest.cab
> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
> http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
> O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
> Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
> O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware
> Scanner) -
> http://download.zonelabs.com/bin/pro...tor/WebAAS.cab
> O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
> http://us.dl1.yimg.com/download.yaho...tocomplete.cab
> O16 - DPF: {C9DB5AF8-4C14-4A3E-90F8-DB49D6B4866D} (YBUICtrl.FloatWnd.1) -
> http://racing.youbet.com/controls/YBUICtrl.cab
> O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
> Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
> O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
> O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
> O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
> Software\Avast4\ashServ.exe
> O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program
> Files\Alwil
> Software\Avast4\ashMaiSv.exe" /service (file missing)
> O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
> Software\Avast4\ashWebSv.exe" /service (file missing)
> O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
> C:\WINDOWS\System32\nvsvc32.exe
> O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC -
> C:\WINDOWS\system32\ZoneLabs\vsmon.exe
>
> thanx
>
> --
> He released government from the restraint of law.
> ____Lord Acton on Niccolo Machiavelli (1469-1527), George W. Bush, and the
> Straussian neocons
>
> Ellis_Jay
>
>



 
Reply With Quote
 
pcbutts1
Guest
Posts: n/a
 
      03-25-2005
I don't see anything wrong with it except that you have a lot of HP crap
loading and running. What problems are you having?

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
Sharpvision simply the best http://www.seedsv.com



"ellis_jay" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Logfile of HijackThis v1.99.1
> Scan saved at 3:40:47 PM, on 3/24/2005
> Platform: Windows XP SP1 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
>
> Running processes:
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\winlogon.exe



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Anouther HJT Log Cooter Computer Support 4 11-19-2005 10:03 PM
HJT Log ssyed01@sympatico.ca Computer Support 8 07-02-2005 01:45 PM
wareout.exe (need help with HJT log) Dimitri Computer Support 9 03-02-2005 09:44 PM
HJT Log File Stickywax Computer Support 2 12-31-2004 12:29 AM
HJT Log - was Uninstall Google Toobar Michael Payne Computer Support 1 10-03-2004 04:33 AM



Advertisments