need help reading my hijack this log

Discussion in 'Computer Support' started by woodlandplayer, Aug 17, 2004.

  1. Having pop ups of ads that seem to come from (among others) pennyweb,
    and click agents. Ads come up about every 3 or four clicks. Its out
    of control. I was about to start fixing anythign I didn't recognize
    off the hijack this log but then read somewhere to never do that, and
    have someone with experience help me first. So if anybody will help me
    here I will really apreciate it!

    Logfile of HijackThis v1.97.7
    Scan saved at 11:01:06 PM, on 8/16/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Adobe\Adobe Version
    Cue\ControlPanel\VersionCueTray.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\RFA\rfagent.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\xynrb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\WISPTIS.EXE
    E:\Programs_updates_ tutorials\HijackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {49F33808-E430-0DCF-8627-62550BA17E3A} -
    C:\WINDOWS\System32\fggav.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\j2re1.4.2_02\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe
    Version Cue\ControlPanel\VersionCueTray.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center]
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
    -k
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP
    Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Fkoctiw] C:\WINDOWS\System32\xynrb.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
    Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: Yahoo! Spades -
    http://download.games.yahoo.com/games/clients/y/st2_x.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software
    AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
    Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38134.4971180556
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78D} (DoomCln Object) -
    http://www.microsoft.com/security/controls/DoomCln.CAB
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
    Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su/ocx/12119/CTPID.cab
     
    woodlandplayer, Aug 17, 2004
    #1
    1. Advertisements

  2. Lawrence Abrams, Aug 17, 2004
    #2
    1. Advertisements

  3. Lawrence,

    Thank you for taking the time to look at my issue! I updated my
    hijack this and here is the updated log:

    Logfile of HijackThis v1.98.2
    Scan saved at 10:06:39 PM, on 8/17/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
    C:\Program Files\Adobe\Adobe Version
    Cue\ControlPanel\VersionCueTray.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\RFA\rfagent.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\xynrb.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {49F33808-E430-0DCF-8627-62550BA17E3A} -
    C:\WINDOWS\System32\fggav.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\j2re1.4.2_02\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe
    Version Cue\ControlPanel\VersionCueTray.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center]
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
    -k
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP
    Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Fkoctiw] C:\WINDOWS\System32\xynrb.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
    Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: Yahoo! Spades -
    http://download.games.yahoo.com/games/clients/y/st2_x.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software
    AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector
    Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
    Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su/ocx/12119/CTPID.cab
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
    C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

    Thanks again!!!
     
    woodlandplayer, Aug 18, 2004
    #3
  4. Lawrence,

    Thank you for taking the time to look at my issue! I updated my
    hijack this and here is the updated log:

    Logfile of HijackThis v1.98.2
    Scan saved at 10:06:39 PM, on 8/17/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
    C:\Program Files\Adobe\Adobe Version
    Cue\ControlPanel\VersionCueTray.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\RFA\rfagent.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\xynrb.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {49F33808-E430-0DCF-8627-62550BA17E3A} -
    C:\WINDOWS\System32\fggav.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\j2re1.4.2_02\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe
    Version Cue\ControlPanel\VersionCueTray.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center]
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
    -k
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP
    Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Fkoctiw] C:\WINDOWS\System32\xynrb.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
    Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: Yahoo! Spades -
    http://download.games.yahoo.com/games/clients/y/st2_x.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software
    AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector
    Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
    Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su/ocx/12119/CTPID.cab
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
    C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

    Thanks again!!!
     
    woodlandplayer, Aug 18, 2004
    #4
  5. Lawrence,

    Thank you for taking the time to look at my issue! I updated my
    hijack this and here is the updated log:

    Logfile of HijackThis v1.98.2
    Scan saved at 10:06:39 PM, on 8/17/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_02\bin\jusched.exe
    C:\Program Files\Adobe\Adobe Version
    Cue\ControlPanel\VersionCueTray.exe
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\RFA\rfagent.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\xynrb.exe
    C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
    F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
    O2 - BHO: (no name) - {49F33808-E430-0DCF-8627-62550BA17E3A} -
    C:\WINDOWS\System32\fggav.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\j2re1.4.2_02\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
    Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe
    Version Cue\ControlPanel\VersionCueTray.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center]
    C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
    -k
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP
    Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [RFAgent] C:\Program Files\RFA\rfagent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Fkoctiw] C:\WINDOWS\System32\xynrb.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
    Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
    Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: QuickBooks 2002 Delivery Agent.lnk = C:\Program
    Files\Intuit\QuickBooks Premier - Accountant
    Edition\Components\QBAgent\qbdagent2002.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: Yahoo! Spades -
    http://download.games.yahoo.com/games/clients/y/st2_x.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software
    AutoUpdate) - http://www.creative.com/su/ocx/12119/CTSUEng.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector
    Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj
    Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
    AutoUpdate Support Package) -
    http://www.creative.com/su/ocx/12119/CTPID.cab
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} -
    C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

    Thanks again!!!
     
    woodlandplayer, Aug 18, 2004
    #5
  6. Your log shows that you are seriously behind on windows updates. It is
    essential that you update your windows before we continue to help you as the
    infections could reoccur. Go to http://www.windowsupdate.com and if it asks
    to install software, let it. Then click on the Scan link and let it do its
    thing. When its done you will see on your left a section called critical
    updates. Click on that section and install everything that you can. When
    it prompts you to reboot, do so. Then repeat this process again until there
    are no more critical updates listed. Then post a new log.
     
    Lawrence Abrams, Aug 18, 2004
    #6
  7. Lawrence,

    I downloaded a bunch of the updates and my computer totally freaked
    out. I am questioning my XP. I bought computer used and I think the XP
    may not be legit. I am not sure how to find out for sure. I looked
    into buying XP but it was so expensive. I can buy a brand new computer
    for only a little bit more money and have the latest XP. Either way I
    can't spend that money right now plus I dont look forward to
    reinstalling all my software...if at all possible can you help me with
    what issues I currently have besides for my outdated XP? I am sort of
    just trying to get by for now if you know what I mean. Thanks so much!

    -Joe

     
    woodlandplayer, Aug 20, 2004
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.