tonyadam
asked on
hijackthis file
Can someone please look at this HIJACKTHIS FILE and let me know if there are some items that should be removed? It appears that for some reason, AOL will attempt to start up and it also appears that IE will become corrupted in the process. This in turn causes the router to disconnect. I know this sounds too convoluted but when I completely removed AOL, all seems to work ok. Here is the file.
Logfile of HijackThis v1.99.1
Scan saved at 10:22:08 AM, on 5/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\igfxtray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\SpamBlockerUtility\Bin\4.7.1.0\SbOEAddOn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Cookie Washer\aolwasher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\AMERIC~1.0\aoltray.exe
C:\WINDOWS\wanmpsvc.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\ilhkmdta.slt\prefs.js)
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
O4 - HKLM\..\Run: [webscan] C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SpamBlocker] C:\Program Files\SpamBlockerUtility\Bin\4.7.1.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
O4 - HKLM\..\RunServicesOnce: [washindex] C:\Program Files\Cookie Washer\washidx.exe "Owner"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [ccWasher] C:\Program Files\Cookie Washer\aolwasher.exe /0
O4 - Startup: Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\PrintMaster 16\pmremind.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZUxdm080YYUS
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) - http://pictures.aolcdn.com/ap/Resources/1.1.0.31/cab/aolpPlugins.10.1.0.0.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {8AB662FD-CFE0-4D68-96B8-128AFA3C68A6} (CPrtTmpControl Object) - http://eshare.hpphoto.com/download/setup.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
and a second opinion http://www.hijackthis.de/logfiles/c24a363e486e98a57e63e23dd1c26d85.html
Tony, I normally use the URL of www.hijackthis.de for analysis.
I posted your log file and it was analyzed. You can access the results at this URL:
http://www.hijackthis.de/logfiles/d69d6e421c05b9f10c30c33db8a1eae5.html
You seem to have a few items that may need to be removed. If you choose to do so please remove them
while your system is in Safe Mode.
You might want to also check your Startup section for items that obviously do not belong.
You can do this by clicking on your Start button, selecting Run and typing in MSCONFIG.
Once the new window opens browse over to the Startup tab. If you identify items that do not belong you can
remove them. Reboot afterwards. If you have any questions on items found within the Startup area you can
Google for the definition(s).
Finally, HiJackthis.de stated that it appears you are not running a firewall or if you are it is one that they are
not familiar with. :-)
David
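An added example, not part of the original thread or of HijackThis: a small Python parser for the log format posted in the question. It lists the O4 autostart entries that the MSCONFIG advice above concerns and pulls out the entries the log itself marks as `(no file)`, `(file missing)` or with an unresolved `?` target. The sample lines are taken from the question's log with wrapped paths rejoined; the function names are hypothetical.

```python
import re

# Constructed sample: header, one process line and a few entries taken from
# the log posted in the question (wrapped paths rejoined).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKCU\..\Run: [ccWasher] C:\Program Files\Cookie Washer\aolwasher.exe /0
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")            # "O4 - ..."
RUN_RE = re.compile(r"^(HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]+)\] (.*)$")
FOLDER_RE = re.compile(r"^((?:Global )?Startup): (.+?) = (.*)$")
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(text):
    """Return (code, body) for each section entry; skip header/process lines."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def startup_items(entries):
    """Split O4 (autostart) entries into location, name and command/target."""
    items = []
    for code, body in entries:
        if code != "O4":
            continue
        run = RUN_RE.match(body)
        folder = FOLDER_RE.match(body)
        if run:  # registry Run/RunOnce/RunServices style entry
            hive, key, name, cmd = run.groups()
            items.append({"location": f"{hive}\\{key}", "name": name, "target": cmd})
        elif folder:  # shortcut in a Startup folder
            where, name, target = folder.groups()
            items.append({"location": where, "name": name, "target": target})
    return items


def needs_review(entries):
    """Entries whose own text says the referenced file is absent or unresolved."""
    flagged = []
    for code, body in entries:
        if any(marker in body for marker in ORPHAN_MARKERS) or body.endswith("= ?"):
            flagged.append((code, body))
    return flagged


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for item in startup_items(parsed):
        print(f'{item["location"]:<16} {item["name"]:<34} {item["target"]}')
    for code, body in needs_review(parsed):
        print(f"review {code}: {body}")
```

The flagged list only reflects what the log states about missing files; whether an autostart entry belongs on the machine still has to be judged per item, as the reply above says.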
ASKER
I have no idea what I'm doing incorrectly but neither Firefox nor IE will connect me to the www.hijackthis.de URL. I cannot connect to the analyzed file either. Suggestions?
Good info on the hosts file. If you are able to (when you can) download Spybot. During the setup phase make sure that you enable the Tea Timer function. You can download Spybot from this location. Clear all IE Temp files prior to scans and scan in Safe Mode.
http://www.safer-networking.org/en/download/
ASKER
Thanks for your help on this. The system has settled down but I think it has done so with your suggestions and because I have completely eliminated AOL. If it begins to act up again, I will get back to you but for now, I think we should close this out. Thanks again for everyone's help.
Here you go, analysed: http://hjt.networktechs.com/parse.php?log=220883
PeteLong