Hijack this log

Discussion in 'Computer Support' started by John Seward, Aug 26, 2004.

  1. John Seward

    John Seward Guest

    Having trouble opening word. Could you check my hijack this log and
    see what, if anything, might be in there that could be screwing
    things up? Thanks


    Logfile of HijackThis v1.97.6
    Scan saved at 4:50:59 PM, on 8/26/04
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\STARTER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\HPSJVXD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\DIRECTCD\DIRECTCD.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
    C:\WINDOWS\SYSTEM\HPZTSB07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\UNLOAD\HPQCMON.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
    C:\WINDOWS\SYSTEM\HPHMON04.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\PROGRAM FILES\PICASA\PICASAMEDIADETECTOR.EXE
    C:\PROGRAM FILES\COMMON FILES\KODAK\KODAK_DR\KODAKCCS.EXE
    C:\WINDOWS\RunDLL.exe
    C:\PROGRAM FILES\AIM95\AIM.EXE
    C:\SCANJET\PRECISIONSCAN\HPPPT.EXE
    C:\PROGRAM FILES\THE HELPSPOT!\FAWGRD32.EXE
    C:\PROGRAM FILES\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
    C:\PROGRAM FILES\KODAK\KODAK SOFTWARE UPDATER\7288971\PROGRAM\BACKWEB-7288971.EXE
    C:\PROGRAM FILES\THE HELPSPOT!\FA_GD32.EXE
    C:\PROGRAM FILES\MAILWASHER\MAILWASHER.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
    C:\HIJACKTHIS\HIJACKTHIS.EXE

    O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [HPSCANMonitor] c:\windows\SYSTEM\hpsjvxd.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\DirectCD\DIRECTCD.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
    O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE"
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
    O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINDOWS\SYSTEM\CRAZYTALK.DLL,DllServeMediaFile
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb07.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
    O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\SYSTEM\HPHMON04.EXE
    O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
    O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [KodakCCS] C:\Program Files\Common Files\KODAK\KODAK_DR\KodakCCS.exe --pdr: "C:\Program Files\Common Files\KODAK\KODAK_DR\dcmnter.pdr"
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
    O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
    O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
    O4 - Startup: HP Parallel Port Test.lnk = C:\SCANJET\PrecisionScan\hpppt.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Startup: Windows Guardian.lnk = C:\Program Files\the HelpSpot!\Fawgrd32.exe
    O4 - Startup: HP S20 Scanner.lnk = C:\Program Files\HP PhotoSmart\S20 Scanner\Registration\Remind32.exe
    O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: TREND MICRO HouseCall (HKLM)
    O9 - Extra button: Share in Hello (HKLM)
    O9 - Extra 'Tools' menuitem: Share in H&ello (HKLM)
    O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
    O16 - DPF: {F72A7B0E-0DD8-11D1-BD6E-00AA00B92AF1} (IE Active Setup Control) - http://www.microsoft.com/windows/ie/ie40/download/cdf/setupctl.cab
    O16 - DPF: {9F974B30-1ACF-11D1-8E4F-00A0C9061169} (PlayCtl Class) - http://www.audible.com/audible/software/aplugpl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {424AAC00-2824-11D3-806A-0020AFD61FB7} (SimPlayer) - http://www.simplayer.com/plugin6/SimPlayerAX.cab
    O16 - DPF: {85411480-DDF9-11D0-8F52-080009CDBAA9} (Starwave_Comparison_Chart) - http://stats.espn.go.com/java/OuterComparisonChart.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
    O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://support.charter.com/sdccommon/download/tgctlsi.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38010.5639583333
    O16 - DPF: {5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} ([email protected] Control) - http://www.mace27.com/xtra/birthday/MediaShow.cab
    O16 - DPF: {F7DC2A2E-FC34-11D3-B1D9-00A0C99B41BB} (Zoom Class) - http://www.zoomify.com/download/zoomify204.cab
    O16 - DPF: Yahoo! MahJong - http://download.games.yahoo.com/games/clients/y/ot0_x.cab
    O16 - DPF: {1CC506A7-1B8D-11D4-BDD5-0060977007E0} (CrazyTalk Player) - http://plug-in.reallusion.com/CrazyTalk.cab
    O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://f1.pg.photos.yahoo.com/ocx/us/yexplorer1_9us.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CAB
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp.com/rdq/downloads/msxml4.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdq/downloads/sysinfo.cab
    O16 - DPF: {7ED7005B-4AF6-4CFF-9AE0-F243C4B8260F} (HouseCallButton.setup) - http://de.trendmicro-europe.com/file_downloads/common/housecall/HouseCallButton.CAB
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.charter.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3us.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: Arcsoft Web Uploader - http://www.hpphoto.com/downloads/ReadFileApplet.cab

    ==============
    Posted through www.HowToFixComputers.com/bb - free access to hardware troubleshooting newsgroups.
     
    John Seward, Aug 26, 2004
    #1

  2. John Seward

    °Mike° Guest

    WHAT trouble, exactly?
    First Aid is a pile of junk, IMO. I have known it to cause
    software conflicts, internet connectivity problems, multimedia
    problems, and even hardware conflicts. My advice is to
    uninstall it.

    You have 3 instances of Word in the process list; if you
    have any visible Word windows open, close them, else
    End Task the above 3 processes (CTRL+ALT+DEL).

    Have HijackThis fix the above. (1)

    CrazyTalk is known to sometimes be installed without
    a user's knowledge. Unless you specifically installed
    this, fix the above.


    See my comment above about First Aid.


    This is totally useless; have HijackThis fix it.

    Your downloaded programs (ActiveX) folder is overcrowded.
    Have HijackThis fix ALL of the O16 - DPF entries -- ActiveX
    controls will be downloaded fresh, as and when needed.

    (1) There is nothing obviously wrong with your system,
    malware-wise, other than the questionable NetZip BHO entry. For
    further information, see:
    http://editor.actrix.co.nz/byarticle/spyw.htm
     
    °Mike°, Aug 26, 2004
    #2
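
The first-pass checks in the reply above (repeated processes, unnamed BHO entries, the size of each section such as O16), as an added Python example that is not part of the original thread or of HijackThis itself. The function names and the sample log, with its placeholder paths and CLSIDs, are constructed for illustration.

```python
import re
from collections import Counter
# Constructed sample in HijackThis layout (placeholder names and CLSIDs),
# including the mid-entry line wrapping that newsgroup posting introduces.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\PROGRAM FILES\EXAMPLE APP
TOOLS\EXAMPLE.EXE
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} -
C:\WINDOWS\SYSTEM\EXAMPLE.DLL
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} -
C:\Program Files\Example\helper.dll
O16 - DPF: {00000000-0000-0000-0000-000000000003} (Example Control) -
http://downloads.example.com/control.cab
"""

CODE = re.compile(r"^([A-Z]\d{1,2}) - ")   # section prefix such as "O2 - "
DRIVE = re.compile(r"^[A-Za-z]:\\")        # start of a process path

def parse(log):
    """Return (processes, entries) with wrapped continuation lines rejoined."""
    processes, entries, in_procs = [], [], False
    for line in (raw.strip() for raw in log.splitlines()):
        if not line:
            continue
        if line == "Running processes:":
            in_procs = True
        elif CODE.match(line):              # a new O-entry ends the process list
            in_procs = False
            entries.append(line)
        elif in_procs:
            if DRIVE.match(line) or not processes:
                processes.append(line)
            else:                           # wrapped tail of the previous path
                processes[-1] += " " + line
        elif entries:                       # wrapped tail of the previous entry
            entries[-1] += " " + line
    return processes, entries

def triage(log):
    """Summarise what a reviewer checks first; flags are prompts, not verdicts."""
    processes, entries = parse(log)
    counts = Counter(p.upper() for p in processes)
    return {
        "duplicate_processes": {p: n for p, n in counts.items() if n > 1},
        "unnamed_bhos": [e for e in entries if e.startswith("O2 - BHO: (no name)")],
        "per_section": dict(Counter(CODE.match(e).group(1) for e in entries)),
    }
```

A "(no name)" BHO only marks an entry for manual lookup of its CLSID and DLL; legitimate software can register one without a name.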

  3. John Seward

    John Seward Guest

    thanx........was getting :


    Illegal operation........invalid page fault at module MS09.DLL

    sorry, was in a rush and didn't have time to furnish information right
    away.

    will work on the fix asap

     
    John Seward, Aug 27, 2004
    #3