Internet explorer 7 opens/closes and windows installer error

  • qcrist
  • Newbie
  • Newbie
  • qcrist
  • Posts: 6

Post 3+ Months Ago

i keep getting the following message


the windows installer service could not be accessed this can occur if u are running windows in safe mode or windows installer is not installed correctly.


And

i have a problem with internet explorer where it opens and immediately closes itself. Does anyone know whats wrong??

Code: [ Select ]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:57:29 PM, on 8/31/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DebugDiag\DbgSvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\Dwm.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\ehome\ehtray.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AWC\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: []  (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
 
--
End of file - 10875 bytes
  1. Logfile of Trend Micro HijackThis v2.0.2
  2. Scan saved at 1:57:29 PM, on 8/31/2008
  3. Platform: Windows Vista SP1 (WinNT 6.00.1905)
  4. MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  5. Boot mode: Normal
  6. Running processes:
  7. C:\Windows\System32\smss.exe
  8. C:\Windows\system32\csrss.exe
  9. C:\Windows\system32\wininit.exe
  10. C:\Windows\system32\csrss.exe
  11. C:\Windows\system32\services.exe
  12. C:\Windows\system32\lsass.exe
  13. C:\Windows\system32\lsm.exe
  14. C:\Windows\system32\winlogon.exe
  15. C:\Windows\system32\svchost.exe
  16. C:\Windows\system32\nvvsvc.exe
  17. C:\Windows\system32\svchost.exe
  18. C:\Windows\System32\svchost.exe
  19. C:\Windows\System32\svchost.exe
  20. C:\Windows\system32\svchost.exe
  21. C:\Windows\system32\SLsvc.exe
  22. C:\Windows\system32\svchost.exe
  23. C:\Windows\system32\rundll32.exe
  24. C:\Windows\system32\svchost.exe
  25. C:\Windows\System32\spoolsv.exe
  26. C:\Windows\system32\svchost.exe
  27. C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  28. C:\Program Files\Bonjour\mDNSResponder.exe
  29. C:\Program Files\DebugDiag\DbgSvc.exe
  30. c:\Program Files\Common Files\LightScribe\LSSrvc.exe
  31. C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
  32. C:\Windows\system32\svchost.exe
  33. C:\Program Files\Spyware Doctor\pctsAuxs.exe
  34. C:\Program Files\Spyware Doctor\pctsSvc.exe
  35. C:\Windows\system32\svchost.exe
  36. C:\Windows\System32\svchost.exe
  37. C:\Windows\system32\SearchIndexer.exe
  38. C:\Windows\system32\DRIVERS\xaudio.exe
  39. C:\Windows\system32\WUDFHost.exe
  40. C:\Windows\system32\dllhost.exe
  41. C:\Windows\System32\msdtc.exe
  42. c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  43. C:\Windows\system32\Dwm.exe
  44. C:\hp\support\hpsysdrv.exe
  45. C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
  46. C:\Windows\RtHDVCpl.exe
  47. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
  48. C:\Windows\system32\schtasks.exe
  49. C:\Program Files\Microsoft LifeChat\LifeChat.exe
  50. C:\Windows\System32\rundll32.exe
  51. C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
  52. C:\Program Files\Spyware Doctor\pctsTray.exe
  53. C:\Windows\ehome\ehtray.exe
  54. C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe
  55. C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  56. C:\Windows\System32\p2phost.exe
  57. C:\Windows\ehome\ehmsas.exe
  58. C:\Windows\system32\DllHost.exe
  59. C:\Windows\system32\DllHost.exe
  60. C:\Windows\explorer.exe
  61. C:\Windows\system32\schtasks.exe
  62. C:\Program Files\Windows Live\Messenger\usnsvc.exe
  63. C:\Program Files\AWC\AWC.exe
  64. C:\Program Files\Mozilla Firefox\firefox.exe
  65. C:\Windows\system32\SearchProtocolHost.exe
  66. C:\Windows\system32\SearchFilterHost.exe
  67. C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  68.  
  69. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  70. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  71. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
  72. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  73. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  74. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
  75. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  76. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  77. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  78. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
  79. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  80. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  81. O1 - Hosts: ::1 localhost
  82. O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  83. O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  84. O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
  85. O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
  86. O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  87. O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
  88. O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
  89. O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
  90. O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
  91. O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
  92. O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
  93. O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
  94. O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
  95. O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  96. O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
  97. O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
  98. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  99. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  100. O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
  101. O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  102. O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
  103. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
  104. O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  105. O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
  106. O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
  107. O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  108. O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  109. O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
  110. O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
  111. O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
  112. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
  113. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
  114. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
  115. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
  116. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: []  (User '?')
  117. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
  118. O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
  119. O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
  120. O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
  121. O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
  122. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  123. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  124. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  125. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  126. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  127. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  128. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  129. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  130. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  131. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  132. O13 - Gopher Prefix:
  133. O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
  134. O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
  135. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
  136. O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
  137. O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
  138. O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  139. O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  140. O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  141. O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
  142. O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  143. O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  144. O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
  145. O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
  146. O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
  147. O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  148. O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  149. O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
  150. O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
  151.  
  152. --
  153. End of file - 10875 bytes
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • qcrist
  • Newbie
  • Newbie
  • qcrist
  • Posts: 6

Post 3+ Months Ago

Someone post please??
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Can I ask what you most recently downloaded and installed from your torrent and did this problem start occurring after you installed it?
  • qcrist
  • Newbie
  • Newbie
  • qcrist
  • Posts: 6

Post 3+ Months Ago

ATNO/TW wrote:
Can I ask what you most recently downloaded and installed from your torrent and did this problem start occurring after you installed it?




if i think about it it happened right after i downloaded that....:-|

but my virus scanner doesn't find anything how would i get rid of it?


if it matters it was fraps
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

I'm sorry, but what is 'fraps'? I don't see anything like that in your log. I see your torrent running, so assumed you downloaded something.

You'll have to forgive me but I really don't like helping people who try to download illegally obtained software. What exactly did you download. If you uninstall your torrent I might consider helping you.

Honestly, there is nothing in your log that is all that bad that Adaware or Spybot S&D couldn't fix.
  • qcrist
  • Newbie
  • Newbie
  • qcrist
  • Posts: 6

Post 3+ Months Ago

ATNO/TW wrote:
I'm sorry, but what is 'fraps'? I don't see anything like that in your log. I see your torrent running, so assumed you downloaded something.

You'll have to forgive me but I really don't like helping people who try to download illegally obtained software. What exactly did you download. If you uninstall your torrent I might consider helping you.

Honestly, there is nothing in your log that is all that bad that Adaware or Spybot S&D couldn't fix.



i was having trouble installing it off the website so i found it on torrents but it turned out not to work. i forgot to uninstall it but it is now uninstalled


Code: [ Select ]
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:57:29 PM, on 8/31/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
 
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DebugDiag\DbgSvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\Dwm.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\ehome\ehtray.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\System32\p2phost.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AWC\AWC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: []  (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
 
--
End of file - 10875 bytes
 
  1.  
  2. Logfile of Trend Micro HijackThis v2.0.2
  3. Scan saved at 1:57:29 PM, on 8/31/2008
  4. Platform: Windows Vista SP1 (WinNT 6.00.1905)
  5. MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  6. Boot mode: Normal
  7.  
  8. Running processes:
  9. C:\Windows\System32\smss.exe
  10. C:\Windows\system32\csrss.exe
  11. C:\Windows\system32\wininit.exe
  12. C:\Windows\system32\csrss.exe
  13. C:\Windows\system32\services.exe
  14. C:\Windows\system32\lsass.exe
  15. C:\Windows\system32\lsm.exe
  16. C:\Windows\system32\winlogon.exe
  17. C:\Windows\system32\svchost.exe
  18. C:\Windows\system32\nvvsvc.exe
  19. C:\Windows\system32\svchost.exe
  20. C:\Windows\System32\svchost.exe
  21. C:\Windows\System32\svchost.exe
  22. C:\Windows\system32\svchost.exe
  23. C:\Windows\system32\SLsvc.exe
  24. C:\Windows\system32\svchost.exe
  25. C:\Windows\system32\rundll32.exe
  26. C:\Windows\system32\svchost.exe
  27. C:\Windows\System32\spoolsv.exe
  28. C:\Windows\system32\svchost.exe
  29. C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  30. C:\Program Files\Bonjour\mDNSResponder.exe
  31. C:\Program Files\DebugDiag\DbgSvc.exe
  32. c:\Program Files\Common Files\LightScribe\LSSrvc.exe
  33. C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
  34. C:\Windows\system32\svchost.exe
  35. C:\Program Files\Spyware Doctor\pctsAuxs.exe
  36. C:\Program Files\Spyware Doctor\pctsSvc.exe
  37. C:\Windows\system32\svchost.exe
  38. C:\Windows\System32\svchost.exe
  39. C:\Windows\system32\SearchIndexer.exe
  40. C:\Windows\system32\DRIVERS\xaudio.exe
  41. C:\Windows\system32\WUDFHost.exe
  42. C:\Windows\system32\dllhost.exe
  43. C:\Windows\System32\msdtc.exe
  44. c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  45. C:\Windows\system32\Dwm.exe
  46. C:\hp\support\hpsysdrv.exe
  47. C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
  48. C:\Windows\RtHDVCpl.exe
  49. C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
  50. C:\Windows\system32\schtasks.exe
  51. C:\Program Files\Microsoft LifeChat\LifeChat.exe
  52. C:\Windows\System32\rundll32.exe
  53. C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
  54. C:\Program Files\Spyware Doctor\pctsTray.exe
  55. C:\Windows\ehome\ehtray.exe
  56. C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe
  57. C:\Program Files\Windows Live\Messenger\msnmsgr.exe
  58. C:\Windows\System32\p2phost.exe
  59. C:\Windows\ehome\ehmsas.exe
  60. C:\Windows\system32\DllHost.exe
  61. C:\Windows\system32\DllHost.exe
  62. C:\Windows\explorer.exe
  63. C:\Windows\system32\schtasks.exe
  64. C:\Program Files\Windows Live\Messenger\usnsvc.exe
  65. C:\Program Files\AWC\AWC.exe
  66. C:\Program Files\Mozilla Firefox\firefox.exe
  67. C:\Windows\system32\SearchProtocolHost.exe
  68. C:\Windows\system32\SearchFilterHost.exe
  69. C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  70.  
  71. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  72. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  73. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
  74. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  75. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  76. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
  77. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  78. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  79. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  80. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
  81. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  82. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  83. O1 - Hosts: ::1 localhost
  84. O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  85. O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  86. O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
  87. O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
  88. O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  89. O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
  90. O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
  91. O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)
  92. O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
  93. O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
  94. O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
  95. O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
  96. O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
  97. O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  98. O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
  99. O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
  100. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
  101. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  102. O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
  103. O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
  104. O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
  105. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
  106. O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  107. O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe
  108. O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
  109. O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  110. O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  111. O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
  112. O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
  113. O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
  114. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
  115. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
  116. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
  117. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
  118. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: []  (User '?')
  119. O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
  120. O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
  121. O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
  122. O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
  123. O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
  124. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  125. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  126. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  127. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  128. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  129. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  130. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  131. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  132. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  133. O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
  134. O13 - Gopher Prefix:
  135. O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
  136. O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
  137. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
  138. O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
  139. O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
  140. O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
  141. O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  142. O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  143. O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
  144. O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  145. O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  146. O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
  147. O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
  148. O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
  149. O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  150. O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  151. O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
  152. O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
  153.  
  154. --
  155. End of file - 10875 bytes
  156.  
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

# R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
# R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
# R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
# R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
# R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
# R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
# O1 - Hosts: ::1 localhost
# O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s

Fix those with hijackthis, but also wait for others to add advice. This is the first time I've ever seen a Vista log and there's a lot of things in there I don't recognize but may be part of Vista.
  • Mr OBrien
  • Graduate
  • Graduate
  • User avatar
  • Posts: 182
  • Loc: down a creek without a paddle

Post 3+ Months Ago

note O1 - Hosts: ::1 localhost is a good entry do not fix it
  • Mr OBrien
  • Graduate
  • Graduate
  • User avatar
  • Posts: 182
  • Loc: down a creek without a paddle

Post 3+ Months Ago

fix:
* O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

* O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)

* O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

* R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

* R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

* O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Mr OBrien wrote:
note O1 - Hosts: ::1 localhost is a good entry do not fix it

That's why I'm uncomfortable with Vista logs. Just found out that's the IPv6 loopback. That doesn't exist prior to Vista.
  • qcrist
  • Newbie
  • Newbie
  • qcrist
  • Posts: 6

Post 3+ Months Ago

Mr OBrien wrote:
fix:
* O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

* O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)

* O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

* R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

* R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

* O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s


Better??

Quote:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:10 AM, on 9/1/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\DebugDiag\DbgSvc.exe
C:\Windows\Explorer.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\DllHost.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Quintin C\AppData\Roaming\Symantec\Layouts\Norton 360.0\English
Mr OBrien wrote:
fix:
* O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

* O2 - BHO: BitDownload BHO - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - (no file)

* O4 - HKLM\..\Run: [mobiswing] C:\PROGRA~1\BITTOR~1\BitP.exe

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

* R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

* R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

* R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

* O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s


Better??

Quote:
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:14:10 AM, on 9/1/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: Normal Running processes:C:\Windows\System32\smss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\csrss.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32\lsm.exeC:\Windows\system32\winlogon.exeC:\Windows\system32\svchost.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exeC:\Windows\system32\rundll32.exeC:\Windows\system32\svchost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exeC:\Windows\system32\Dwm.exeC:\Program Files\DebugDiag\DbgSvc.exeC:\Windows\Explorer.EXEc:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Windows\system32\svchost.exeC:\Program Files\Spyware Doctor\pctsAuxs.exeC:\Program Files\Spyware Doctor\pctsSvc.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Spyware Doctor\pctsTray.exeC:\Windows\system32\DRIVERS\xaudio.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\dllhost.exeC:\Windows\System32\msdtc.exeC:\hp\support\hpsysdrv.exeC:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exeC:\Windows\RtHDVCpl.exeC:\Program Files\HP\HP Software Update\hpwuSchd2.exeC:\Windows\system32\schtasks.exeC:\Program Files\Microsoft LifeChat\LifeChat.exeC:\Windows\System32\rundll32.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Windows\ehome\ehtray.exeC:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Windows\system32\DllHost.exeC:\Windows\ehome\ehmsas.exec:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Program Files\Windows Live\Messenger\usnsvc.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Quintin C\AppData\Roaming\Symantec\Layouts\Norton 360\2.0\English\0E743DD31FF89B86DBEBF1C48C5BAFF874A5B132\20080103\Setup.exeC:\Windows\System32\mobsync.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\Program Files\MediaCoder\mediacoder.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\FLV Player\FLVPlayer.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... =desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... =desktopO1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLLO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dllO4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exeO4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exeO4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exeO4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRunO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dllO13 - Gopher Prefix: O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 1.0.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dllO16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/cr ... wen.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dllO23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exeO23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exeO23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exeO23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exeO23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe --End of file - 9897 bytes [/code]E743DD31FF89B86DBEBF1C48C5BAFF874A5B132080103\Setup.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MediaCoder\mediacoder.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\FLV Player\FLVPlayer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9897 bytes
[/code]E743DD31FF89B86DBEBF1C48C5BAFF874A5B132080103\Setup.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MediaCoder\mediacoder.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\FLV Player\FLVPlayer.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Call HoverToCall class - {7E853D72-626A-48EC-A868-BA8D5E23E045} - C:\Program Files\Windows Live\Messenger\HTC.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2856157678-1642422914-215757614-1000\..\Run: [WindowsLivePhone] "C:\PROGRA~1\WI1F86~1\MESSEN~1\DEVICE~1\msgrdvmn.exe" /AutoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/crusher-kiwen.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger76480\Program\GAPlugProtocol-8876480.dll
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver50\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9897 bytes



sadly it doesnt work..but Thanks For the Help
  • Mr OBrien
  • Graduate
  • Graduate
  • User avatar
  • Posts: 182
  • Loc: down a creek without a paddle

Post 3+ Months Ago

You are fine.

i cant help you with those problems i will look some stuff up and see if i find the solution.Im still a little new to vista.

Post Information

  • Total Posts in this topic: 12 posts
  • Users browsing this forum: No registered users and 56 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.