[Pending] HJT Logs - Hijackthis Log posted in the Security & Safety forums

#19
04-28-2008
midge
Bronze Member
Join Date: Apr 2008
Location: N.Ireland
Posts: 14
PC Experience: Some Experience
Re: Hijackthis Log

Here's the new combofix log.

ComboFix 08-04-27.3 - Ken 2008-04-28 15:21:52.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.178 [GMT 1:00]
Running from: D:\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\alobfirn.ini
C:\WINDOWS\system32\hlxgewcd.ini
C:\WINDOWS\system32\sdbaggnm.ini
C:\WINDOWS\system32\ttstv.ini
C:\WINDOWS\system32\yeyyofaq.ini

.
((((((((((((((((((((((((( Files Created from 2008-03-28 to 2008-04-28 )))))))))))))))))))))))))))))))
.

2008-04-25 12:38 . 2002-01-17 11:48 36,864 --a------ C:\WINDOWS\system32\CNMCP45.EXE
2008-04-23 14:27 . 2008-04-23 14:30 <DIR> d-------- C:\Program Files\GTA Vice City - Deluxe
2008-04-22 15:03 . 2008-04-22 15:05 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\GetRightToGo
2008-04-21 18:07 . 2008-04-21 18:07 <DIR> d-------- C:\Program Files\Apple Software Update
2008-04-18 10:02 . 2008-04-18 10:02 <DIR> d-------- C:\Program Files\Universal Interactive
2008-04-17 20:00 . 2008-04-17 20:00 <DIR> d-------- C:\VundoFix Backups
2008-04-17 19:49 . 2008-04-17 19:49 <DIR> d-------- C:\pf1 p`cake
2008-04-16 09:59 . 2008-04-28 15:21 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG
2008-04-14 10:13 . 2008-04-14 10:13 <DIR> d-------- C:\kav
2008-04-11 22:21 . 2008-04-11 22:21 <DIR> d-------- C:\WINDOWS\TSdesktoptoy
2008-04-11 22:21 . 2008-04-11 22:21 171,520 --a------ C:\WINDOWS\system32\cncs32.dll
2008-04-11 22:21 . 2008-04-11 22:21 18 --a------ C:\WINDOWS\gfact.ini
2008-04-11 16:36 . 2008-04-11 16:36 <DIR> d-------- C:\Program Files\Fox
2008-04-10 23:00 . 2008-04-10 23:00 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Simply Super Software
2008-04-10 23:00 . 2008-04-10 23:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-04-10 23:00 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-04-10 23:00 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-04-10 23:00 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-04-10 23:00 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-04-10 23:00 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-04-09 16:53 . 2008-04-09 16:53 <DIR> d-------- C:\Program Files\Yahoo!
2008-04-09 16:53 . 2008-04-09 16:53 <DIR> d-------- C:\Program Files\CCleaner
2008-04-09 12:32 . 2008-04-09 12:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\Malwarebytes
2008-04-09 11:40 . 2008-04-09 11:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-09 11:38 . 2008-04-09 11:38 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-07 18:15 . 2008-04-07 18:16 <DIR> d-------- C:\Program Files\iTunes
2008-04-07 18:15 . 2008-04-07 18:15 <DIR> d-------- C:\Program Files\iPod
2008-04-07 17:49 . 2008-04-07 17:49 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-05 12:01 . 2007-09-05 23:22 289,144 --------- C:\WINDOWS\system32\VCCLSID.exe
2008-04-05 12:01 . 2006-04-27 16:49 288,417 --------- C:\WINDOWS\system32\SrchSTS.exe
2008-04-05 12:01 . 2008-03-01 23:12 86,016 --------- C:\WINDOWS\system32\VACFix.exe
2008-04-05 12:01 . 2008-03-05 22:29 82,432 --------- C:\WINDOWS\system32\IEDFix.exe
2008-04-05 12:01 . 2003-06-05 20:13 53,248 --------- C:\WINDOWS\system32\Process.exe
2008-04-05 12:01 . 2004-07-31 17:50 51,200 --------- C:\WINDOWS\system32\dumphive.exe
2008-04-05 12:01 . 2007-10-03 23:36 25,600 --------- C:\WINDOWS\system32\WS2Fix.exe
2008-04-02 22:27 . 2008-04-02 22:27 <DIR> d-------- C:\Program Files\DisplayLink Core Software
2008-04-02 22:27 . 2008-04-02 22:27 <DIR> d-------- C:\Program Files\Acer Monitor
2008-03-30 18:10 . 2008-03-30 18:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-03-30 18:03 . 2008-03-30 18:22 <DIR> d-------- C:\Documents and Settings\Ken\Application Data\HP
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Common Files\HP
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-03-30 17:59 . 2008-03-30 17:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-03-30 17:59 . 2008-03-30 18:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-03-30 17:56 . 2008-03-30 18:10 164,924 --------- C:\WINDOWS\hpoins21.dat
2008-03-30 17:56 . 2008-02-15 04:41 7,262 --------- C:\WINDOWS\hpomdl21.dat
2008-03-30 17:46 . 2008-03-30 17:46 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-03-30 17:46 . 2008-03-30 17:49 <DIR> d-------- C:\temp\FixEngine
2008-03-30 17:46 . 2008-03-30 17:46 <DIR> d-------- C:\temp
2008-03-30 17:46 . 2008-03-30 18:06 <DIR> d-------- C:\Program Files\Hp
2008-03-30 14:44 . 2008-03-30 14:44 <DIR> d-------- C:\Program Files\Roxio
2008-03-30 14:44 . 2008-03-30 14:44 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared
2008-03-29 11:43 . 2008-03-29 11:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-03-29 11:43 . 2007-03-08 05:20 49,920 -r------- C:\WINDOWS\system32\drivers\HPZid412.sys
2008-03-29 11:43 . 2007-03-08 05:20 16,496 -r------- C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-03-29 11:42 . 2007-05-02 09:56 954,368 -r------- C:\WINDOWS\system32\hpotiop5.dll
2008-03-29 11:42 . 2007-05-02 10:01 675,840 -r------- C:\WINDOWS\system32\hpowiax5.dll
2008-03-29 11:42 . 2007-03-08 05:20 364,544 -r------- C:\WINDOWS\system32\hppldcoi.dll
2008-03-29 11:42 . 2007-03-08 05:20 309,760 -r------- C:\WINDOWS\system32\difxapi.dll
2008-03-29 11:42 . 2007-05-02 10:00 303,104 -r------- C:\WINDOWS\system32\hpovst12.dll
2008-03-29 11:42 . 2007-05-02 11:03 267,864 -r------- C:\WINDOWS\system32\hpzids01.dll
2008-03-29 11:42 . 2007-03-15 16:32 118,272 --------- C:\WINDOWS\system32\hpz3l5ha.dll
2008-03-29 11:42 . 2007-03-08 05:20 21,568 -r------- C:\WINDOWS\system32\drivers\HPZius12.sys
2008-03-29 11:42 . 2004-08-03 23:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-03-29 11:42 . 2004-08-03 23:58 15,104 -----c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-03-28 21:01 . 2008-04-25 12:38 <DIR> d--h----- C:\BJPrinter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 14:10 --------- d-----w C:\Documents and Settings\Ken\Application Data\BitTorrent
2008-04-22 19:37 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2008-04-21 19:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-04-18 09:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-16 13:06 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-10 21:43 --------- d-----w C:\Documents and Settings\Ken\Application Data\DNA
2008-04-07 17:14 --------- d-----w C:\Program Files\QuickTime
2008-04-04 16:46 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-03 21:59 --------- d-----w C:\Program Files\Dobermann
2008-04-03 19:11 --------- d-----w C:\Program Files\Google
2008-03-30 13:07 --------- d-----w C:\Documents and Settings\Ken\Application Data\CheckPoint
2008-03-25 19:55 --------- d-----w C:\Program Files\WinXMedia
2008-03-24 15:04 --------- d-----w C:\Program Files\DNA
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-16 05:57 --------- d-----w C:\Documents and Settings\Ken\Application Data\Tibia
2008-03-16 05:56 --------- d-----w C:\Program Files\Tibia
2008-03-11 18:34 --------- d-----w C:\Program Files\WiFiConnector
2008-03-07 16:02 --------- d-----w C:\Program Files\KONAMI
2008-03-07 13:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-06 13:04 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
2008-03-03 12:03 --------- d-----w C:\Documents and Settings\Main\Application Data\ATI
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-09 18:47 2,368 ------w C:\WINDOWS\system32\SVKP.sys
2008-01-31 22:11 524,288 ------w C:\WINDOWS\system32\DivXsm.exe
2008-01-31 22:11 3,596,288 ------w C:\WINDOWS\system32\qt-dx331.dll
2008-01-31 22:10 200,704 ------w C:\WINDOWS\system32\ssldivx.dll
2008-01-31 22:10 1,044,480 ------w C:\WINDOWS\system32\libdivx.dll
2008-01-29 11:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
2003-10-23 17:52 40,960 ------w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-16_11.37.10.79 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-16 10:29:55 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-28 08:07:05 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-21 17:07:49 27,136 ----a-r C:\WINDOWS\Installer\{02DFF6B1-1654-411C-8D7B-FD6052EF016F}\AppleSoftwareUpdateIco.exe
+ 2008-04-18 09:03:40 3,262 ----a-r C:\WINDOWS\Installer\{A347C572-F7B4-43A3-BD51-FFC99184F70D}\ARPPRODUCTICON.exe
- 1998-10-29 16:45:06 306,688 ------w C:\WINDOWS\IsUninst.exe
+ 1998-10-29 15:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
- 2002-02-11 22:00:00 5,632 ------w C:\WINDOWS\system32\CNMVS45.DLL
+ 2002-02-12 05:00:00 5,632 ----a-w C:\WINDOWS\system32\CNMVS45.DLL
- 2008-01-03 18:19:34 581,632 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-03-14 22:29:22 581,632 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
+ 2008-03-14 22:12:30 1,490,944 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\dirapiX.dll
- 2008-01-03 18:20:14 24,576 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-03-14 22:29:58 24,576 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2008-03-14 22:10:06 606,208 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\iml32X.dll
- 2008-01-03 18:18:56 339,968 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
+ 2008-03-14 22:28:48 339,968 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Plugin.dll
- 2008-01-03 18:19:06 475,136 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-03-14 22:28:56 475,136 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\PluginPing.dll
- 2008-01-03 18:11:48 180,224 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
+ 2008-03-14 22:21:52 180,224 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\Proj.dll
- 2008-01-03 18:22:06 77,824 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-03-14 22:31:28 77,824 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe
+ 2008-03-15 10:38:08 86,016 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwMenuX.dll
- 2008-01-03 18:22:08 98,304 ------w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-03-14 22:31:28 98,304 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\SwOnce.dll
- 2008-04-16 10:34:18 60,740 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-28 08:11:39 60,740 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-16 10:34:18 400,772 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-28 08:11:39 400,772 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2002-02-12 05:00:00 63,488 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNBMC149.DLL
+ 2002-02-12 05:00:00 48,128 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMCP45.DLL
+ 2002-02-12 05:00:00 207,872 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMD445.DLL
+ 2002-02-12 05:00:00 167,424 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMDR45.DLL
+ 2002-02-12 05:00:00 3,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMFU45.DLL
+ 2002-02-12 05:00:00 12,288 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMOP45.DLL
+ 2002-02-12 05:00:00 23,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMP045.DAT
+ 2002-02-12 05:00:00 27,140 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMP145.DAT
+ 2002-02-12 05:00:00 30,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMP245.DAT
+ 2002-02-12 05:00:00 6,144 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMPI45.DLL
+ 2002-02-12 05:00:00 54,272 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMPV45.EXE
+ 2002-02-12 05:00:00 790,016 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSB45.DLL
+ 2002-02-12 05:00:00 9,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSD45.EXE
+ 2002-02-12 05:00:00 90,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSM45.EXE
+ 2002-03-01 05:00:00 50,688 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMSR45.DLL
+ 2002-02-12 05:00:00 110,080 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMUB45.DLL
+ 2002-02-12 05:00:00 1,378,304 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMUI45.DLL
+ 2002-03-01 05:00:00 136,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\CNMUR45.DLL
+ 2002-02-12 05:00:00 63,488 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNBMC149.DLL
+ 2002-02-12 05:00:00 48,128 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMCP45.DLL
+ 2002-02-12 05:00:00 207,872 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMD445.DLL
+ 2002-02-12 05:00:00 167,424 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMDR45.DLL
+ 2002-02-12 05:00:00 3,584 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMFU45.DLL
+ 2002-02-12 05:00:00 12,288 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMOP45.DLL
+ 2002-02-12 05:00:00 23,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMP045.DAT
+ 2002-02-12 05:00:00 27,140 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMP145.DAT
+ 2002-02-12 05:00:00 30,320 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMP245.DAT
+ 2002-02-12 05:00:00 6,144 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMPI45.DLL
+ 2002-02-12 05:00:00 54,272 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMPV45.EXE
+ 2002-02-12 05:00:00 790,016 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMSB45.DLL
+ 2002-02-12 05:00:00 9,216 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMSD45.EXE
+ 2002-02-12 05:00:00 90,112 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMSM45.EXE
+ 2002-03-01 05:00:00 50,688 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMSR45.DLL
+ 2002-02-12 05:00:00 110,080 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMUB45.DLL
+ 2002-02-12 05:00:00 1,378,304 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMUI45.DLL
+ 2002-03-01 05:00:00 136,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\canons3302878\CNMUR45.DLL
- 2002-02-11 22:00:00 43,008 ------w C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP45.DLL
+ 2002-02-12 05:00:00 43,008 ----a-w C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP45.DLL
+ 2008-04-28 08:07:19 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_610.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
2007-11-06 01:50 542016 --------- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23 102400]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 12:03 868352]
"BTCLiveUpdate"="D:\LiveUpdate.exe" [2004-03-08 13:50 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-10 22:10 339968]
"diagnostics"="C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" [2007-11-22 23:08 557149]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2007-06-11 08:06 901120]
"MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-06-19 10:50 180224]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 21:17 49152]
"hpqSRMon"="C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 16:31 80896]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"TrojanScanner"="D:\Trojan Remover\Trjscan.exe" [2008-04-07 19:51 873040]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 18:37 79224]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [2007-10-14 20:38:52 214360]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2007-12-31 13:11:51 118784]
Run Nintendo Wi-Fi USB Connector Registration Tool.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe [2008-03-11 19:34:07 1073152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Thomson\\ST330\\service\\st330service.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"D:\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpiscnapp.exe"=
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Westwood\\RA2\\game.exe"=
"C:\\kav\\kav7.0\\english\\setup.exe"=
"C:\\Westwood\\SUN\\GAME.ICD"=
"C:\\Westwood\\RA2\\gamemd.exe"=
"C:\\Westwood\\RA2\\patchgetmd.dat"=

R0 si3112r;Silicon Image SiI 3512 SATARaid Controller;C:\WINDOWS\system32\drivers\si3112r.sys [2007-08-29 04:04]
R0 SiWinAcc;SiWinAcc;C:\WINDOWS\system32\drivers\SiWinAcc.sys [2007-08-29 04:04]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 18:31]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 09:02]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 18:35]
R2 DisplayLinkService;DisplayLink Service;"C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe" [2007-12-13 10:28]
R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 06:41]
R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2008-02-09 19:47]
R3 DisplayLinkmirror;DisplayLinkmirror;C:\WINDOWS\system32\DRIVERS\DisplayLinkmirrorport.sys [2007-03-09 12:16]
S2 PPSCAN;PPSCAN;C:\WINDOWS\system32\drivers\PPSCAN.sys [2002-03-29 15:58]
S3 ST330;ST330;C:\WINDOWS\system32\drivers\st330.sys [2007-11-22 22:32]
S3 STBUS;STBUS;C:\WINDOWS\system32\drivers\stbus.sys [2007-11-22 22:32]
S3 STETH;SpeedTouch Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\steth.sys [2007-11-22 22:32]
S3 stppp;Speedtouch PPP Adapter Adapter;C:\WINDOWS\system32\DRIVERS\stppp.sys [2007-11-22 22:58]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-10-24 15:10]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-10-24 15:11]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-10-24 15:11]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-10-24 15:12]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-10-24 15:12]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2005-12-28 13:46]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2005-12-28 13:47]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2005-12-28 13:47]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2005-12-28 13:48]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2005-12-28 13:49]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-04-21 19:48:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-25 17:55:00 C:\WINDOWS\Tasks\backup.job"
- C:\WINDOWS\system32\ntbackup.exečbackup
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 15:23:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-04-28 15:24:00
ComboFix-quarantined-files.txt 2008-04-28 14:23:49
ComboFix2.txt 2008-04-16 10:28:51

Pre-Run: 4,551,643,136 bytes free
Post-Run: 4,536,934,400 bytes free

298 --- E O F --- 2008-04-11 12:55:13


AND HERE'S THE HJT LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:30, on 2008-04-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
D:\LiveUpdate.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TrojanScanner] D:\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [BTCLiveUpdate] "D:\LiveUpdate.exe" /autostart
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - http://h20264.www2.hp.com/ediags/dd/...osticsxp2k.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1195521811593
O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} (F-Secure Health Check 1.0) - http://support.f-secure.com/enu/home...fshc/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{04EAEDE1-039A-497A-8642-263E76935EFA}: NameServer = 194.168.4.100 194.168.8.100
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DisplayLink Service (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - (no file)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10042 bytes



Last edited by midge; 04-28-2008 at 03:33 PM. Reason: TO ADD HJT LOG
  #20  
Old 04-28-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,602
PC Experience: PC Illiterate
Default Re: Hijackthis Log

still got the error?


__________________

M.C.S.A.
M.C.P.
- MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall
  #21  
Old 04-28-2008
midge's Avatar
Bronze Member
 
Join Date: Apr 2008
Location: N.Ireland
Posts: 14
PC Experience: Some Experience
Default Re: Hijackthis Log

Yeap, still there. The desktop loads up and it doesn`t appear but as soon as the task bar at the bottom starts to load bang....there it appears.

The only thing I`ve added recently is a new printer/scanner/copier from HP and I have a feeling that this close box started to appear around the same time. I tried to do a screen shot but my prtscr button doesn`t appear to be doing anything.

Thanks for all your advice and perseverance so far.
M


  #22  
Old 04-29-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,602
PC Experience: PC Illiterate
Default Re: Hijackthis Log

when you hit prt scr, you then need to open ms paint, or word, or excel, then paste it in there. Then upload it here.

Check your task manager (ctrl+shift+esc) and see if there are any processes running that start with HP; if so, kill them; they will reappear on the next boot anyhow. If the box disappears, it's definitely something from HP, which wouldn't surprise me either.

thanks,

v


  #23  
Old 04-30-2008
midge's Avatar
Bronze Member
 
Join Date: Apr 2008
Location: N.Ireland
Posts: 14
PC Experience: Some Experience
Default Re: Hijackthis Log

hpqgpc01.exe
hpqbam08.exe
hpqste08.exe
hpwuSchd2.exe
hpqtra08.exe

All appear in processes in the task manager, but when I click on them to "end process" I get a warning saying that it can cause undesired results including loss of data and system instability and the process will not be given the chance to save its state or data before it's terminated.

Do I still stop it??? I work from home and a lot of my files and forms are printed through this and I don`t want to lose anything......or will it be ok?

Thanks again M


  #24  
Old 04-30-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,602
PC Experience: PC Illiterate
Default Re: Hijackthis Log

yes, you can still terminate the process. Again, to restart it, all you will need to do is reboot the pc.

I would start at the top, kill it, and see if the box goes away. Keep doing so until the box disappears, then make a note of which one it was, and we'll disable that in hjt.

thanks,

v

