0

I dunno what happened but I was using msn then turned the comp off, a couple hours later turned it on and it wont run. Here's my HiJack This file

Logfile of HijackThis v1.99.1
Scan saved at 7:51:17 AM, on 8/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\mpxa.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: F2atv Forums Toolbar - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - C:\Program Files\F2atv_Forums\tbF2a1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: F2atv Forums Toolbar - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - C:\Program Files\F2atv_Forums\tbF2a1.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: F2atv Forums Toolbar - {0ff9a677-542a-481d-a6d6-3fa32d8a806d} - C:\Program Files\F2atv_Forums\tbF2a1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [User Themes] C:\Program Files\Common Files\Microsoft Shared\DAO\DOUGHNUT-CP02RJ\svchost.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [mpt] c:\WINDOWS\system32\mpt.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Battle Phlinx by pogo - http://game3.pogo.com/v/8.1.9.1/applet/battlephlinx/battlephlinx-en_US.cab
O16 - DPF: Blackjack by pogo - http://game3.pogo.com/v/9.0.1.14/applet/blackjack/blackjack-en_US.cab
O16 - DPF: Blackjack Carnival by pogo - http://game3.pogo.com/v/9.0.2.13/applet/vbjack2/vbjack2-en_US.cab
O16 - DPF: Blooop by pogo - http://game3.pogo.com/v/9.0.1.14/applet/cascade/cascade-en_US.cab
O16 - DPF: Crazy Cakes by pogo - http://game3.pogo.com/v/9.0.3.19/applet/platespinner/platespinner-en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/v/8.1.7.44/applet/checkeredflag/checkeredflag-en_US.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/v/8.1.7.44/applet/superbingo/superbingo-en_US.cab
O16 - DPF: Greenback Bayou by pogo - http://game3.pogo.com/v/9.0.1.7/applet/greenback/greenback-en_US.cab
O16 - DPF: Hangman Hijinks by pogo - http://game3.pogo.com/v/8.1.9.1/applet/hangman/hangman-en_US.cab
O16 - DPF: Hog Heaven Slots by pogo - http://game3.pogo.com/v/9.0.1.7/applet/fancy/fancy-en_US.cab
O16 - DPF: KenoPop! by pogo - http://game1.pogo.com/v/8.1.8.21/applet/speedkeno/speedkeno-en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game3.pogo.com/v/9.0.1.7/applet/mhpoker/mhpoker-en_US.cab
O16 - DPF: No-Limit Texas Hold'em by pogo - http://game3.pogo.com/v/8.1.7.44/applet/allin/allin-en_US.cab
O16 - DPF: Penguin Blocks by pogo - http://game3.pogo.com/v/9.0.1.23/applet/penguins/penguins-en_US.cab
O16 - DPF: Pop Fu by pogo - http://game3.pogo.com/v/9.0.1.7/applet/popfu/popfu-en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game3.pogo.com/v/9.0.1.7/applet/poppazoppa/poppazoppa-en_US.cab
O16 - DPF: Poppit by pogo - http://game3.pogo.com/v/8.1.7.44/applet/poppit2/poppit2-en_US.cab
O16 - DPF: Ride The Tide by pogo - http://game3.pogo.com/v/9.0.2.13/applet/ride/ride-en_US.cab
O16 - DPF: Stellar Sweeper by pogo - http://game3.pogo.com/v/9.0.1.23/applet/sweeper/sweeper-en_US.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game3.pogo.com/v/9.0.1.14/applet/holdem/holdem-en_US.cab
O16 - DPF: TruePass EPF 7,0,100,739 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: Tumble Bees by pogo - http://game3.pogo.com/v/9.0.2.13/applet/tumbee2/tumbee2-en_US.cab
O16 - DPF: Wonderland Memories by pogo - http://game3.pogo.com/v/9.0.1.7/applet/memories/memories-en_US.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201921339765
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1201921320109
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/en-US/TSEasyInstallX.CAB
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: jkkHAtSI - jkkHAtSI.dll (file missing)
O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

2
Contributors
2
Replies
3
Views
9 Years
Discussion Span
Last Post by jholland1964
0

You should begin with all the steps on this sticky
Once you have completed all the above steps then post back here with all the requested logs.

0

Just going through your HJT log again, which is the old version by the way, you should remove that one and go with the newest version which is HiJackThis version 2.0.2
Your Java is also out of date, you are running update 6 version 4, current version is 6 update 7.
You said you were using MSN Messenger when you shut down but now it won't run. Your HJT log shows 5 instances of it running in the background, it is also in auto starts.
Try going to the Taskmanager and shutting down all those that are running in the background and see then if you can open it up.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.