hijack this log

edifier · 11-11-2006, 08:44 PM

Even though you uninstalled Norton, there are still 2 Norton services running. Lets get rid of those and some other unnecessary startup items.Do the following. If you can access the below manually, take it out, if not, leave it.

Run HijackThis and put a check by the following entries, close all open windows and browsers except HijackThis and click 'Fix Checked'

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY... on&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY... on&pf=lapto
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

You might have to go into your messengers and select disable at startup.

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavili on&pf=laptop

Exit 'HJT'.

On your desktop, click 'start/run' and type in services.msc and click okay.

Look for both of these entries.

Automatic LiveUpdate Scheduler or ALUSchedulerSvc.exe
Symantec Core LC or symlcsvc.exe

Select Stop/apply and okay.

Open HijackThis and select - Misc. Tools/Delete an NT Service

Type in one at a time -Automatic LiveUpdate Scheduler and Symantec Core LC - make sure the spelling is EXACT.

Don't reboot until both have been entered.

Now let's see if it starts up quicker now.

spkenn5 · 11-11-2006, 09:01 PM

symantec core LC is critical, couldnt be erased.

should i restart now?

computermaineack · 11-11-2006, 11:20 PM

Here's a few problems:

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe - Virus

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" - Possibly a Trojan

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possibly Nasty

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possbily Nasty

edifier · 11-11-2006, 11:28 PM

Quote:

Originally Posted by computermaineack

Here's a few problems:

O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe - Virus

O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" - Possibly a Trojan

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possibly Nasty

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possbily Nasty

Try again. All LEGIT.

computermaineack · 11-11-2006, 11:33 PM

Quote:

Originally Posted by edifier

Try again. All LEGIT.

Not according to Hijackthis...look over the analysis here: http://hijackthis.de/logfiles/77db63...9950685e2.html

edifier · 11-11-2006, 11:38 PM

Before you start posting from that, learn how to use it first. Beside where it says 'Nasty', click on the gold stars below 'Hit Rate'. As you will see, it is perfectly LEGIT!.

computermaineack · 11-11-2006, 11:41 PM

Quote:

Originally Posted by edifier

Before you start posting from that, learn how to use it first. Beside where it says 'Nasty', click on the gold stars below 'Hit Rate'. As you will see, it is perfectly LEGIT!.

Yeah...if you have an HP/Compaq computer, which the OP doesn't.

spkenn5 · 11-13-2006, 06:22 PM

okay, restarted.. still stuck at the windows xp loading screen for 5+ mins =\

edifier · 11-13-2006, 06:52 PM

Run hijack this, click the "open misc. tool section" button, click "open uninstall manager>click save list,yes to the prompts, notepad will open with your add/remove programs list.Post that list here.

spkenn5 · 11-13-2006, 11:20 PM

i did system restore and see if it helps, but no help at all..

heres the result

Adobe Photoshop 6.0
Adobe Reader 6.0.1
Athlon 64 Processor Driver
ATI Control Panel
ATI Display Driver
Belkin N1 Wireless Notebook Card
CC_ccProxyExt
ccCommon
ccPxyCore
Conexant AC-Link Audio
Customer Experience Enhancement
Easy Internet Sign-up
ESPNMotion
GemMaster Mystic
Google Toolbar for Internet Explorer
HijackThis 1.99.1
Hotfix for Windows XP (KB896256)
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP QuickPlay 2.0
HP Software Update
HP User Guides 0026
HP User Guides--System Recovery
HP Wireless Assistant 2.00 C1
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 6
LiveUpdate 3.0 (Symantec Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Works
Morpheus 5.2 (remove only)
MSRedist
muvee autoProducer 4.5
Norton AntiSpam
Norton AntiVirus 2006
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
Norton WMI Update
Office 2003 Trial Assistant
Otto
Quick Launch Buttons 5.20 G1
Quicken 2006
QuickTime
Retrospect 6.5
Rhapsody
Rhapsody Player Engine
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Soft Data Fax Modem with SmartCP
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
SPBBC
Spy Sweeper
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TourSetup
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
URGE
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888402
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB908250
Wireless Home Network Setup

and i am thinking of rebooting the OS

11-11-2006, 09:01 PM	#2 (permalink)
spkenn5 Silver Member Join Date: Jan 2006 Location: Philadelphia,PA Age: 21 Posts: 191	symantec core LC is critical, couldnt be erased. should i restart now? __________________ Intel Pentium 4 3.0ghz MSI Dekstop Board Nvidia Geforce FX5200 128 Mb (NEED TO CHANGE) 1.5G Of RAM unknown 4 fans ^_^ 1 x Maxtor IDE 160GB :) NEW :) Aspire 350W Power supply eMachine 17' Monitor(NEED TO CHANGE) Windows XP Home Edition SP2

11-11-2006, 11:20 PM	#3 (permalink)
computermaineack Diamond Member Join Date: Dec 2004 Location: Connecticut Posts: 2,322	Here's a few problems: O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe - Virus O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" - Possibly a Trojan O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possibly Nasty O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) - Possbily Nasty __________________ "In the beginning the Universe was created. This made a lot of people angry, and was widely regarded as a bad idea." -Douglas Adams CPU: Q6600 G0 Mobo: eVGA 680i NF67-A1 Case: Antec P180B GPU: eVGA 8800GTS G92 512mb HSF: Tuniq Tower 120 RAM: 4gb DDR2-800 Corsair XMS2 4-4-4-12 PSU: Antec True Power Trio 550w

11-13-2006, 06:22 PM	#8 (permalink)
spkenn5 Silver Member Join Date: Jan 2006 Location: Philadelphia,PA Age: 21 Posts: 191	okay, restarted.. still stuck at the windows xp loading screen for 5+ mins =\ __________________ Intel Pentium 4 3.0ghz MSI Dekstop Board Nvidia Geforce FX5200 128 Mb (NEED TO CHANGE) 1.5G Of RAM unknown 4 fans ^_^ 1 x Maxtor IDE 160GB :) NEW :) Aspire 350W Power supply eMachine 17' Monitor(NEED TO CHANGE) Windows XP Home Edition SP2

11-13-2006, 11:20 PM	#10 (permalink)
spkenn5 Silver Member Join Date: Jan 2006 Location: Philadelphia,PA Age: 21 Posts: 191	i did system restore and see if it helps, but no help at all.. heres the result Adobe Photoshop 6.0 Adobe Reader 6.0.1 Athlon 64 Processor Driver ATI Control Panel ATI Display Driver Belkin N1 Wireless Notebook Card CC_ccProxyExt ccCommon ccPxyCore Conexant AC-Link Audio Customer Experience Enhancement Easy Internet Sign-up ESPNMotion GemMaster Mystic Google Toolbar for Internet Explorer HijackThis 1.99.1 Hotfix for Windows XP (KB896256) HP Help and Support HP Imaging Device Functions 6.0 HP Photosmart Premier Software 6.0 HP QuickPlay 2.0 HP Software Update HP User Guides 0026 HP User Guides--System Recovery HP Wireless Assistant 2.00 C1 iPod for Windows 2006-06-28 iTunes J2SE Runtime Environment 5.0 Update 6 LiveUpdate 3.0 (Symantec Corporation) Microsoft .NET Framework 1.0 Hotfix (KB887998) Microsoft .NET Framework 1.1 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Works Morpheus 5.2 (remove only) MSRedist muvee autoProducer 4.5 Norton AntiSpam Norton AntiVirus 2006 Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security Norton Internet Security 2006 (Symantec Corporation) Norton Protection Center Norton WMI Update Norton WMI Update Office 2003 Trial Assistant Otto Quick Launch Buttons 5.20 G1 Quicken 2006 QuickTime Retrospect 6.5 Rhapsody Rhapsody Player Engine Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896422) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901190) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB903235) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913446) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB916281) Security Update for Windows XP (KB917159) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Soft Data Fax Modem with SmartCP Sonic Audio Module Sonic Copy Module Sonic Data Module Sonic Express Labeler Sonic Update Manager SonicAC3Encoder SonicMPEGEncoder SPBBC Spy Sweeper Synaptics Pointing Device Driver Texas Instruments PCIxx21/x515/xx12 drivers. TourSetup Update for Windows Media Player 10 (KB913800) Update for Windows XP (KB894391) Update for Windows XP (KB896727) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB908531) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) URGE Windows Installer 3.1 (KB893803) Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows XP Hotfix - KB873333 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB883667 Windows XP Hotfix - KB884575 Windows XP Hotfix - KB885250 Windows XP Hotfix - KB885464 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB885855 Windows XP Hotfix - KB885884 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB887742 Windows XP Hotfix - KB888113 Windows XP Hotfix - KB888239 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB888402 Windows XP Hotfix - KB889673 Windows XP Hotfix - KB890546 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 Windows XP Hotfix - KB892559 Windows XP Media Center Edition 2005 KB908250 Wireless Home Network Setup and i am thinking of rebooting the OS __________________ Intel Pentium 4 3.0ghz MSI Dekstop Board Nvidia Geforce FX5200 128 Mb (NEED TO CHANGE) 1.5G Of RAM unknown 4 fans ^_^ 1 x Maxtor IDE 160GB :) NEW :) Aspire 350W Power supply eMachine 17' Monitor(NEED TO CHANGE) Windows XP Home Edition SP2

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

11-11-2006, 08:44 PM	#1 (permalink)
edifier Platinum Member Join Date: Jan 2006 Posts: 567	Even though you uninstalled Norton, there are still 2 Norton services running. Lets get rid of those and some other unnecessary startup items.Do the following. If you can access the below manually, take it out, if not, leave it. Run HijackThis and put a check by the following entries, close all open windows and browsers except HijackThis and click 'Fix Checked' R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY... on&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY... on&pf=lapto O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background You might have to go into your messengers and select disable at startup. O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\Go ogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavili on&pf=laptop Exit 'HJT'. On your desktop, click 'start/run' and type in services.msc and click okay. Look for both of these entries. Automatic LiveUpdate Scheduler or ALUSchedulerSvc.exe Symantec Core LC or symlcsvc.exe Select Stop/apply and okay. Open HijackThis and select - Misc. Tools/Delete an NT Service Type in one at a time -Automatic LiveUpdate Scheduler and Symantec Core LC - make sure the spelling is EXACT. Don't reboot until both have been entered. Now let's see if it starts up quicker now.

11-11-2006, 11:38 PM	#6 (permalink)
edifier Platinum Member Join Date: Jan 2006 Posts: 567	Before you start posting from that, learn how to use it first. Beside where it says 'Nasty', click on the gold stars below 'Hit Rate'. As you will see, it is perfectly LEGIT!.

11-13-2006, 06:52 PM	#9 (permalink)
edifier Platinum Member Join Date: Jan 2006 Posts: 567	Run hijack this, click the "open misc. tool section" button, click "open uninstall manager>click save list,yes to the prompts, notepad will open with your add/remove programs list.Post that list here.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
!Urgent!:: Application Hijack & Hijackthis log	Kilee	Computer Security	3	10-22-2005 09:44 PM
Hijack log help please	vaiolator	Computer Security	4	10-03-2005 11:30 PM
Hijack this Log	Foel	Computer Security	5	08-14-2005 10:37 AM
used mcfee, spybot, adware, etc. POPUP PERSISTS! HELP! Hijack log is here	genedna	Computer Security	6	08-06-2005 02:28 PM
Toshiba Hijack this log	ANNR	Computer Security	5	07-28-2005 07:05 PM