
HJT Log...Wondering If I could get some Assistance


n64jive


HJT Log

My computer's been acting up a lil bit, so I did some virus scans and Adware scans and Defragmented and Deleted temp files.

I was wondering if someone could check out this log.

Logfile of HijackThis v1.99.1
Scan saved at 4:03:22 PM, on 4/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\system32\hphmon06.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\HP_Owner\My Documents\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 69.61.60.61 mozor.swiftirc.net
O1 - Hosts: 88.191.36.51 mozor.swiftirc.net
O1 - Hosts: 208.53.170.149 mozor.swiftirc.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.exe/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [iNTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146785664046
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Link to comment
Share on other sites

I see you are using Internet Explorer.

A good tip would be to get Firefox

I use it and it's a great web interface

Windows Defender is a good real-time virus protection (Genuine Windows XP/Vista only)

If your computer gets really stuffed, back up your stuff and reinstall Windows.

~~!~~ScOrPuS~~!~~

Link to comment
Share on other sites

  • 4 weeks later...
> I see you are using Internet Explorer.
>
> A good tip would be to get Firefox
>
> I use it and it's a great web interface
>
> Windows Defender is a good real-time virus protection (Genuine Windows XP/Vista only)
>
> If your computer gets really stuffed, back up your stuff and reinstall Windows.

I use Firefox... I don't see where you see Internet Explorer, but if you look under running processes, you can see Firefox.

Link to comment
Share on other sites

> I see you are using Internet Explorer.
>
> A good tip would be to get Firefox
>
> I use it and it's a great web interface
>
> Windows Defender is a good real-time virus protection (Genuine Windows XP/Vista only)
>
> If your computer gets really stuffed, back up your stuff and reinstall Windows.

1) No, he isn't using IE. That is the homepage setting for IE. It's currently set to an HP Pavilion home page because (shock!) that's what HP sets it to before it's sold.

2) Windows Defender has been proven to suck. It works if you don't have other protection, but that isn't the case. He already has AVG and ZoneAlarm installed, so using Defender would be a step backwards.

Conclusion: You shouldn't be reading and replying to HJT logs. People like you break things.

I don't see anything major jumping out of the log. All of it looks like the basic Windows services and bundled HP helper software.

Link to comment
Share on other sites
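Added example, not part of the thread and not HijackThis's own code: a Python sketch of the by-eye triage discussed above. It separates the running-process list from the stored R0/R1 Internet Explorer settings and surfaces hosts-file overrides and entries marked "(no file)" or "(file missing)". The function names, category labels and `EXPECTED_DOMAINS` list are assumptions chosen for illustration, and the sample log is constructed.

```python
import re
from urllib.parse import urlparse
# Constructed sample in the HijackThis line format (not the poster's log).
SAMPLE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\Program Files\Mozilla Firefox\firefox.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.example.invalid/
O1 - Hosts: 192.0.2.10 irc.example.net
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O9 - Extra button: (no name) - {00000000-0000-0000-0000-000000000002} - C:\tools\diag.exe (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")  # section code, then the entry body
EXPECTED_DOMAINS = ("hp.com", "microsoft.com", "google.com")  # assumption: reviewer's list

def running_processes(log_text):
    """Executable names under 'Running processes:' (what is actually running)."""
    names, in_section = [], False
    for line in map(str.strip, log_text.splitlines()):
        if line == "Running processes:":
            in_section = True
        elif in_section and ENTRY.match(line):
            break  # the first coded entry ends the process list
        elif in_section and line:
            names.append(line.rsplit("\\", 1)[-1].lower())
    return names

def triage(log_text, expected=EXPECTED_DOMAINS):
    """Return (code, category, detail) for entries worth a second look."""
    findings = []
    for line in map(str.strip, log_text.splitlines()):
        m = ENTRY.match(line)
        if not m:
            continue  # header and process lines carry no section code
        code, body = m.groups()
        if body.endswith(("(no file)", "(file missing)")):
            findings.append((code, "orphaned-reference", body))
        elif code == "O1" and len(body.split()) >= 3:
            _, ip, host = body.split(None, 2)
            findings.append((code, "hosts-override", f"{host} -> {ip}"))
        elif code in ("R0", "R1"):
            # R0/R1 are stored IE settings; they do not show which browser is in use.
            host = urlparse(body.partition(" = ")[2]).hostname or ""
            if host and not any(host == d or host.endswith("." + d) for d in expected):
                findings.append((code, "unexpected-ie-url", host))
    return findings
```

Calling `running_processes(SAMPLE)` and `triage(SAMPLE)` gives the process list and the flagged entries; a finding here means "look at this", not "this is malicious".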
