[Pending] HJT Logs - restore hp pc
Posted in the Security & Safety forums.

#1

Bronze Member
Join Date: Apr 2009
Posts: 54 PC Experience: Some Experience

I have an HP Pavilion a320n. When I try to run the restore feature I get a fatal error message and the PC shuts down. Some of my reasons for wanting to restore the PC are the following: all video capability has stopped; once on a web page you cannot proceed to another topic on the same site; some web sites such as My Yahoo have changed background colors and can't be changed. Would appreciate any help I could get. Thank you, bmorrisey

#2

Trusted Security Analyst
Join Date: Jul 2005
Location: NW Indiana
Posts: 2,891 PC Experience: Comnputers Fear Me..

Howdy bmorrisey and welcome to PCHELPFORUM,
I would tend to think you may have an infection! Please follow the pre-work in my signature and post your results in the forum below please http://www.pchelpforum.com/new-hijackthis-logs/
__________________
UBCD...SpeedFan...PreWork...AfterWork...NukeDisk...Free Online Virus Scanner...Cpu-Z

#3

Bronze Member
Join Date: Apr 2009
Posts: 54 PC Experience: Some Experience

Have followed all instructions, but when Malwarebytes downloaded, now I get a message that the update can't be done, saying make sure you are connected to the internet and that the firewall allows Malwarebytes to access the internet. bmorrisey

#4

Bronze Member
Join Date: Apr 2009
Posts: 54 PC Experience: Some Experience

I have completed running Malwarebytes and HijackThis; these are the logs.

#5

Senior Security Analyst
Join Date: Jun 2006
Location: Singapore
Posts: 5,177 PC Experience: PC Guru

Hello.
Unfortunately there's no way I can view those logs as they are warped together. Please go to Notepad, click on Format and click Word Wrap. Post those logs again.

#6

Bronze Member
Join Date: Apr 2009
Posts: 54 PC Experience: Some Experience

logs

#7

Senior Security Analyst
Join Date: Jun 2006
Location: Singapore
Posts: 5,177 PC Experience: PC Guru

Bmorrisey, WordWrap is still off.
Open the logfile again. Go to Format. You should see that currently there is no tick beside Word Wrap. Click on it once. Post the log again.