Hello all...Please Help - Hijackthis log included - September 2004 - Forums

Logfile of HijackThis v1.97.7
Scan saved at 12:02:44 PM, on 9/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\qttask.exe
C:\WINDOWS\wdskctl.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\documents and settings\preferredcustomer\local settings\temp\hTh.exe
C:\documents and settings\preferredcustomer\local settings\temp\eT2W.exe
C:\Program Files\WindUpdates\WinKA.exe
C:\Program Files\Common Files\WinTools\WToolsA.exe
C:\WINDOWS\System32\ureueng.exe
C:\documents and settings\preferredcustomer\local settings\temp\KnXmKb.exe
C:\documents and settings\preferredcustomer\local settings\temp\hTh.exe
C:\documents and settings\preferredcustomer\local settings\temp\eT2W.exe
C:\documents and settings\preferredcustomer\local settings\temp\KnXmKb.exe
C:\WINDOWS\system32\pcs\pcsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Dpi\dpi.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\PreferredCustomer\Application Data\oalh.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\WinTools\WSup.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PreferredCustomer\Local Settings\Temporary Internet Files\Content.IE5\7GN4NM15\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50171
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50171
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.comcast.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50171
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81C3A} - C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\EliteBar version 46.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\PreferredCustomer\Local Settings\Temp\xIb8GQd.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA880F} - C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\EliteBar version 46.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [Srng] \Program Files\Srng\Srng.exe
O4 - HKLM\..\Run: [wdskctl] C:\WINDOWS\wdskctl.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [hTh.exe] C:\documents and settings\preferredcustomer\local settings\temp\hTh.exe
O4 - HKLM\..\Run: [eT2W.exe] C:\documents and settings\preferredcustomer\local settings\temp\eT2W.exe
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common Files\WinTools\WToolsA.exe
O4 - HKLM\..\Run: [p4mX37T] ureueng.exe
O4 - HKLM\..\Run: [Sys] C:\windows\system32\winwdl32.exe
O4 - HKLM\..\Run: [KnXmKb.exe] C:\documents and settings\preferredcustomer\local settings\temp\KnXmKb.exe
O4 - HKLM\..\Run: [hTh] C:\documents and settings\preferredcustomer\local settings\temp\hTh.exe
O4 - HKLM\..\Run: [eT2W] C:\documents and settings\preferredcustomer\local settings\temp\eT2W.exe
O4 - HKLM\..\Run: [KnXmKb] C:\documents and settings\preferredcustomer\local settings\temp\KnXmKb.exe
O4 - HKLM\..\Run: [SysA] C:\windows\system32\winiuy32.exe
O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pcsvc.exe
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\System32\mscif.exe
O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tuos] C:\Documents and Settings\PreferredCustomer\Application Data\oalh.exe
O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: Dell Home (HKCU)
O16 - DPF: Win32 Classes -
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weatherbug.com/minibug/tricklers/AWS/minibuginstaller.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38021.3809027778
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

****I know this is a mess...it is my sisters computer and it freezes all the time with pop-up hell...yech.

Hello all...Please Help - Hijackthis log included

CNET Forums

Other Forums

Forum Info