Viruses, Spyware and other Nasties RSS Viruses, Spyware and other Nasties RSS

Please review HJT log, unable to update xp

Reply

Join Date: May 2006
Posts: 3
Reputation: mfhjr is an unknown quantity at this point 
Solved Threads: 0
mfhjr mfhjr is offline Offline
Newbie Poster

Please review HJT log, unable to update xp

 
0
  #1
May 20th, 2006
I'm not sure why my text is wrapping???Greetings all, I'm new to the forum and I'm hoping I can get a little (or a lot) of help. I'm working with a sony laptop and at this time I'm unable to get to the MSN update window. I'm not sure if this is related but I also cannot use my media player. If some one could please review my HJT log it would be greatly appreciated. Thanks much, Mario.Logfile of HijackThis v1.99.1Scan saved at 1:32:40 PM, on 5/20/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeD:\WUTemp\avgamsvr.exeD:\WUTemp\avgupsvc.exeC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exeD:\Technospd\Utility\Gear511.exeD:\WUTemp\avgcc.exeD:\WUTemp\avgemc.exeC:\PROGRA~1\iolo\SYSTEM~1\PopupStopper.exeC:\Program Files\Nikon\NkView5\NkvMon.exeC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exeC:\unzipped\hijackthis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mysearchstart.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.roadfly.org/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%sR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)O4 - HKLM\..\Run: [SystemTray] SysTray.ExeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exeO4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exeO4 - HKLM\..\Run: [AS00_Gear511] D:\Technospd\Utility\Gear511.exe -hideO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [AVG7_CC] D:\WUTemp\avgcc.exe /STARTUPO4 - HKLM\..\Run: [AVG7_EMC] D:\WUTemp\avgemc.exeO4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\PROGRA~1\iolo\SYSTEM~1\PopupStopper.exe"O4 - Startup: PowerReg SchedulerV2.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exeO4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exeO9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: Yahoo! Freecell Solitaire - http://yog2.games.snv.yahoo.com/yog/y/fs9_x.cabO16 - DPF: {26AFD6EF-C017-4063-B2B1-E515DE98A1B7} - http://download.kodak.com/digital/so...install.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...swflash.cabO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\WUTemp\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\WUTemp\avgupsvc.exeO23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEO23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exeO23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Please review HJT log, unable to update xp

 
0
  #2
May 20th, 2006
Hi, if you can't paste the log right, just attach it. It is way to hard to read as is.
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Join Date: Feb 2004
Posts: 9,984
Reputation: crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold crunchie is a splendid one to behold 
Solved Threads: 754
Moderator
Featured Poster
crunchie's Avatar
crunchie crunchie is offline Offline
Spyware Killer

Re: Please review HJT log, unable to update xp

 
0
  #3
May 20th, 2006
Rescan and save the log from hijackthis. Go into the notepad text file where the hijackthis log is saved and go to the 'Format' button at the top. Place a check (tick) next to word wrap and that should fix it.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Reply With Quote Quick reply to this message  
Join Date: May 2006
Posts: 3
Reputation: mfhjr is an unknown quantity at this point 
Solved Threads: 0
mfhjr mfhjr is offline Offline
Newbie Poster

Re: Please review HJT log, unable to update xp

 
0
  #4
May 21st, 2006
Originally Posted by crunchie
Rescan and save the log from hijackthis. Go into the notepad text file where the hijackthis log is saved and go to the 'Format' button at the top. Place a check (tick) next to word wrap and that should fix it.
I tried your suggestion but it did not work. I am able to copy and paste without any problems but when I preview my post that's when it wraps the text. Could you tell me how to attach the log to the post?
Reply With Quote Quick reply to this message  
Join Date: Jul 2005
Posts: 1,542
Reputation: tayspen is on a distinguished road 
Solved Threads: 98
Team Colleague
tayspen's Avatar
tayspen tayspen is offline Offline
<Insert title here>

Re: Please review HJT log, unable to update xp

 
0
  #5
May 21st, 2006
In the reply. CLick Manage Attachments toward the bottom (It is a button). Then, browse to the log. Once, its selected, click OK. Then click upload. Then when you reply it will be attached.
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes

Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote Quick reply to this message  
Join Date: May 2006
Posts: 3
Reputation: mfhjr is an unknown quantity at this point 
Solved Threads: 0
mfhjr mfhjr is offline Offline
Newbie Poster

Re: Please review HJT log, unable to update xp

 
0
  #6
May 22nd, 2006
I think that I figured a way around the problem of posting. If you could please review the log it would be greatly appreciated.

Mario

Logfile of HijackThis v1.99.1
Scan saved at 10:47:06 AM, on 5/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\WUTemp\avgamsvr.exe
D:\WUTemp\avgupsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
D:\Technospd\Utility\Gear511.exe
D:\WUTemp\avgcc.exe
D:\WUTemp\avgemc.exe
C:\PROGRA~1\iolo\SYSTEM~1\PopupStopper.exe
C:\Program Files\Nikon\NkView5\NkvMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\unzipped\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mysearchstart.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.roadfly.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [AS00_Gear511] D:\Technospd\Utility\Gear511.exe -hide
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\WUTemp\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\WUTemp\avgemc.exe
O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\PROGRA~1\iolo\SYSTEM~1\PopupStopper.exe"
O4 - Startup: PowerReg SchedulerV2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: officejet 6100.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Freecell Solitaire - http://yog2.games.snv.yahoo.com/yog/y/fs9_x.cab
O16 - DPF: {26AFD6EF-C017-4063-B2B1-E515DE98A1B7} - http://download.kodak.com/digital/so...re/install.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\WUTemp\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\WUTemp\avgupsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum
Thread Tools Search this Thread



adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare ddos domains e-mafia education email europe exam exploit facebook fake fancheckvirus gaming gumblar halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus sans scareware school search security seopoisoning software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista warning windows worm yahoo
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC