#11
Here it is, thanks!
StartupList report, 12/5/2005, 8:56:51 PM
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis 1.99.1\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\sean\Start Menu\Programs\Startup]
HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ATIModeChange = Ati2mdxx.exe
BCMSMMSG = BCMSMMSG.exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
DVDSentry = C:\WINDOWS\System32\DSentry.exe
HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
HPHUPD05 = C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
HPHmon05 = C:\WINDOWS\System32\hphmon05.exe
tgcmd = "C:\Program Files\support.com\bin\tgcmd.exe" /server
HP Software Update = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
LVCOMSX = C:\WINDOWS\System32\LVCOMSX.EXE
IEXPLORE.EXE = C:\Program Files\Internet Explorer\IEXPLORE.EXE
ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MoneyStartUp10.0 = "C:\Program Files\Microsoft Money\System\Activation.exe"
MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
mmtask = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
LogitechVideoTray = C:\Program Files\Logitech\Video\LogiTray.exe
LogitechVideoRepair = C:\Program Files\Logitech\Video\ISStart.exe
LifeScape Media Detector = C:\Program Files\Picasa\PicasaMediaDetector.exe
DIGStream = C:\Program Files\DIGStream\digstream.exe
AdaptecDirectCD = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

(Default) =
DellSupport = "C:\Program Files\Dell Support\DSAgnt.exe" /startup
MoneyAgent = "C:\Program Files\Microsoft Money\System\Money Express.exe"
LogitechSoftwareUpdate = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
LDM = \Program\BackWeb-8876480.exe

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\biogems.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

HP DArC Task #Hewlett-Packard#7900#CN395320RYEV.job
HP Usg Daily.job
Norton AntiVirus - Scan my computer.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[symsupportutil]
CODEBASE = https://www-secure.symantec.com/tech...upportutil.CAB
OSD = C:\WINDOWS\Downloaded Program Files\OSD4A.OSD

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/s...irector/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\System32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?link...67&clcid=0x409

[YInstStarter Class]
InProcServer32 = C:\Program Files\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll

[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/downlo...22/wmv9VCM.CAB

[Snapfish Activia]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx
CODEBASE = http://www.snapfish.com/SnapfishActivia.cab

[AcDcToday Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACDCTO~1.OCX
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\AcDcToday.ocx

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get.../ultrashim.cab

[InstallShield International Setup Player]
InProcServer32 = c:\windows\downlo~1\isetup.dll
CODEBASE = http://www.installengine.com/engine/isetup.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn.com/download/Ms...Downloader.cab

[NOXLATE]
InProcServer32 = C:\WINDOWS\DOWNLO~1\InstFred.ocx
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\InstFred.ocx

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://download.macromedia.com/pub/s...sh/swflash.cab

[ActiveDataObj Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ActiveData.dll
CODEBASE = https://www-secure.symantec.com/tech...ActiveData.cab

[AcPreview Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\AcPreview.ocx

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 9,619 bytes
Report generated in 0.703 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

#12
Ok, click Start/Run and in the space type msconfig.

Then tick the Startup tab. Now, in the list of ticked items, look for those entries that contain:

Adobe acrobat
Adobe Gamma Loader
DvzIncMsgr
Logitech Desktop
Microsoft Office
Messenger
DirectCD or Roxio
MUSICMATCH Jukebox
DSAgnt
Money Express

If any of these lines exist, uncheck them all, then click Apply and reboot when prompted to. Leave all other entries alone, as some are necessary.

#13
Ok, I did that but when it restarts and gets back on I immediately get a window that tells me that I'm not in normal startup mode anymore and to go back and put it in normal startup mode and the settings will get changed back. Also, for 30 seconds or so, I get a notice that norton firewall is disabled. That fixes itself but when I try to close the first window it tells me I need to restart. I'll copy the new hijack this startup report....
StartupList report, 12/5/2005, 10:32:22 PM
StartupList version: 1.52.2
Started from : C:\Program Files\HijackThis 1.99.1\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ATIModeChange = Ati2mdxx.exe
BCMSMMSG = BCMSMMSG.exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
DVDSentry = C:\WINDOWS\System32\DSentry.exe
HPDJ Taskbar Utility = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
HPHUPD05 = C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
HPHmon05 = C:\WINDOWS\System32\hphmon05.exe
tgcmd = "C:\Program Files\support.com\bin\tgcmd.exe" /server
HP Software Update = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
Symantec NetDriver Monitor = C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
LVCOMSX = C:\WINDOWS\System32\LVCOMSX.EXE
ccRegVfy = "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
DIGStream = C:\Program Files\DIGStream\digstream.exe
MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

(Default) =
LDM = \Program\BackWeb-8876480.exe

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\biogems.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

HP DArC Task #Hewlett-Packard#7900#CN395320RYEV.job
HP Usg Daily.job
Norton AntiVirus - Scan my computer.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[symsupportutil]
CODEBASE = https://www-secure.symantec.com/tech...upportutil.CAB
OSD = C:\WINDOWS\Downloaded Program Files\OSD4A.OSD

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM32\Macromed\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/s...irector/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\System32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?link...67&clcid=0x409

[YInstStarter Class]
InProcServer32 = C:\Program Files\Yahoo!\Common\yinsthelper.dll
CODEBASE = C:\Program Files\Yahoo!\Common\yinsthelper.dll

[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/downlo...22/wmv9VCM.CAB

[Snapfish Activia]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx
CODEBASE = http://www.snapfish.com/SnapfishActivia.cab

[AcDcToday Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACDCTO~1.OCX
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\AcDcToday.ocx

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get.../ultrashim.cab

[InstallShield International Setup Player]
InProcServer32 = c:\windows\downlo~1\isetup.dll
CODEBASE = http://www.installengine.com/engine/isetup.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn.com/download/Ms...Downloader.cab

[NOXLATE]
InProcServer32 = C:\WINDOWS\DOWNLO~1\InstFred.ocx
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\InstFred.ocx

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://download.macromedia.com/pub/s...sh/swflash.cab

[ActiveDataObj Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ActiveData.dll
CODEBASE = https://www-secure.symantec.com/tech...ActiveData.cab

[AcPreview Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ACPREV~1.OCX
CODEBASE = file://C:\Program Files\AutoCAD Architectural 2\AcPreview.ocx

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 7,547 bytes
Report generated in 0.093 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

#14
Recheck all the entries you unchecked. Then go one by one. I suspect you disabled a necessary entry.
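
Added example (not part of the thread and not HijackThis code): a small Python parser for the Run-key sections of two StartupList reports that lists which autorun entries disappeared or appeared between them, so the result of the msconfig change can be checked against the list in post #12. The two sample reports are constructed excerpts of the reports posted above, assumed to be laid out one entry per line; the function names are this example's own.

```python
import re

SECTION_RULE = re.compile(r"^-{10,}$")           # dashed line that ends a report section
RUN_HEADER = "Autorun entries from Registry:"    # header printed above each Run key

# Constructed excerpts of the two reports in the thread (before/after msconfig).
BEFORE = r"""Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

(Default) =
DellSupport = "C:\Program Files\Dell Support\DSAgnt.exe" /startup
LDM = \Program\BackWeb-8876480.exe
"""
AFTER = r"""Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSConfig = C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

(Default) =
LDM = \Program\BackWeb-8876480.exe
"""

def parse_run_entries(report):
    """Return {(registry_key, value_name): command} for every Run-key section."""
    entries, key, state = {}, None, "scan"
    for raw in report.splitlines():
        line = raw.strip()
        if SECTION_RULE.match(line):              # section ended
            state, key = "scan", None
        elif line == RUN_HEADER:                  # next non-empty line names the key
            state = "want_key"
        elif state == "want_key" and line:
            key, state = line, "entries"
        elif state == "entries" and " = " in line:
            name, command = line.split(" = ", 1)
            entries[(key, name.strip())] = command.strip()
        elif state == "entries" and line.endswith(" ="):   # empty value, e.g. (Default)
            entries[(key, line[:-2].strip())] = ""
    return entries

def diff_reports(before, after):
    """Compare the autorun entries of two reports by (key, value name)."""
    old, new = parse_run_entries(before), parse_run_entries(after)
    return {
        "removed": sorted(k for k in old if k not in new),
        "added": sorted(k for k in new if k not in old),
        "changed": sorted(k for k in old if k in new and old[k] != new[k]),
    }
```

Any entry in `removed` that is not on the list from post #12 is a candidate for the one-by-one recheck suggested in post #14.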