Hijack this log** is there something that should be removed??

M

Mj79

New Member
ok i dont know what that error message was all about, but here it is ...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:33:19 AM, on 10/31/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...estbuy&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...estbuy&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...estbuy&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...estbuy&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HelloWorldBHO - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.e xe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stw rt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.e xe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10520 bytes
 
These can be disabled from startup.



O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
 
johnb35 said:
These can be disabled from startup.



O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Click to expand...

Thank you :)

everything else looks good then? Sorry I'm pretty terrible with computers

also. When best buy charges $80 to remove the junk installed on the computer, what exactly is it. I looked in my add/remove list and there's a ton of stuff I have no idea what it is. But sure I don't need 1/2 of it.. And it seems like hp puts alot more crap in there computers than other companies

and does removing all that stuff make it run better or just free up HD space? Tryin to figure out what they do for 30 minutes that costs $80
 
Mj79 said:
Thank you :)

everything else looks good then? Sorry I'm pretty terrible with computers

also. When best buy charges $80 to remove the junk installed on the computer, what exactly is it. I looked in my add/remove list and there's a ton of stuff I have no idea what it is. But sure I don't need 1/2 of it.. And it seems like hp puts alot more crap in there computers than other companies

and does removing all that stuff make it run better or just free up HD space? Tryin to figure out what they do for 30 minutes that costs $80
Click to expand...

Whatever they do it's not worth the 80$ IMO. Most of them are just a bunch of salesmen and barely know much about computers at all.

Though we could take a look at your add/remove programs, if already have CCLeaner then just to the 'Tool's' menu on the left side press on save to text file and post the file up here, otherwise i suggest you download it, from filehippo, and do as i say above.

I haven't actually worked on any HP computers in a while but every computer manufacturer puts bloatware on their new pcs so it's worth it to let us take a look.
 
Respital said:
Whatever they do it's not worth the 80$ IMO. Most of them are just a bunch of salesmen and barely know much about computers at all.

Though we could take a look at your add/remove programs, if already have CCLeaner then just to the 'Tool's' menu on the left side press on save to text file and post the file up here, otherwise i suggest you download it, from filehippo, and do as i say above.

I haven't actually worked on any HP computers in a while but every computer manufacturer puts bloatware on their new pcs so it's worth it to let us take a look.
Click to expand...

doing it right now...
thank you too!
 
Acrobat.com Adobe Systems Incorporated 8/9/2009 1.61 MB
Adobe AIR Adobe Systems Inc. 8/9/2009
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 8/25/2009
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 10/31/2009
Adobe Reader 9.1 MUI Adobe Systems Incorporated 8/9/2009 650.3 MB
Apple Application Support Apple Inc. 10/31/2009 32.2 MB
Apple Mobile Device Support Apple Inc. 10/31/2009
Apple Software Update Apple Inc. 10/31/2009 2.16 MB
Avira AntiVir Personal - Free Antivirus Avira GmbH 10/31/2009
Bonjour Apple Inc. 10/31/2009
Broadcom 802.11 Wireless LAN Adapter Broadcom Corporation 8/9/2009
CCleaner Piriform 10/31/2009
Compatibility Pack for the 2007 Office system Microsoft Corporation 10/31/2009 133.8 MB
CyberLink DVD Suite CyberLink Corp. 8/9/2009 17.4 MB
ENE CIR Receiver Driver ENE 8/9/2009
HijackThis 2.0.2 TrendMicro 10/31/2009
Homepage Protection AOL Products 8/25/2009 812.0 MB
HP 3D DriveGuard Hewlett-Packard 8/25/2009
HP Advisor Hewlett-Packard 8/9/2009 48.2 MB
HP Customer Experience Enhancements Hewlett-Packard 8/9/2009
HP Games WildTangent 8/25/2009
HP MediaSmart DVD Hewlett-Packard 8/25/2009 101.1 MB
HP MediaSmart Internet TV Hewlett-Packard 8/25/2009 52.3 MB
HP MediaSmart Live TV Hewlett-Packard 8/25/2009 77.6 MB
HP MediaSmart Movie Themes Hewlett-Packard 8/25/2009 399.8 MB
HP MediaSmart Music/Photo/Video Hewlett-Packard 8/25/2009 401.5 MB
HP MediaSmart SlingPlayer Sling Media, Inc. 8/25/2009 70.9 MB
HP MediaSmart SmartMenu Hewlett-Packard 8/25/2009
HP MediaSmart Software Notebook Demo Hewlett-Packard 8/25/2009 47.8 MB
HP MediaSmart Webcam Hewlett-Packard 8/25/2009 81.7 MB
HP Quick Launch Buttons Hewlett-Packard 8/9/2009
HP Setup Hewlett-Packard 8/9/2009
HP Smart Web Printing Hewlett-Packard 8/9/2009
HP Support Assistant Hewlett-Packard 8/9/2009 24.4 MB
HP Update Hewlett-Packard 8/9/2009 2.97 MB
HP User Guides 0154 Hewlett-Packard 8/9/2009 153.7 MB
HP Wireless Assistant Hewlett-Packard 8/9/2009 3.97 MB
IDT Audio IDT 8/25/2009
Intel(R) Graphics Media Accelerator Driver Intel Corporation 8/9/2009
iTunes Apple Inc. 10/31/2009
Java(TM) 6 Update 14 (64-bit) Sun Microsystems, Inc. 8/9/2009
Java(TM) 6 Update 15 Sun Microsystems, Inc. 8/9/2009 97.5 MB
LabelPrint CyberLink Corp. 8/9/2009 280.9 MB
LightScribe System Software LightScribe 8/25/2009 22.5 MB
LSI HDA Modem LSI Corporation 8/9/2009
Microsoft Live Search Toolbar Microsoft Live Search Toolbar 8/25/2009
Microsoft Office Home and Student 60 day trial 8/9/2009
Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Corporation 10/31/2009 87.6 MB
Microsoft Silverlight Microsoft Corporation 10/31/2009 26.7 MB
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 10/31/2009
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 10/31/2009 0.25 MB
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 10/31/2009 0.20 MB
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 8/25/2009 0.58 MB
Microsoft Works Microsoft Corporation 10/31/2009 563.3 MB
Mozilla Firefox (3.5.4) Mozilla 10/31/2009
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10/31/2009 1.28 MB
Power2Go CyberLink Corp. 8/9/2009 199.1 MB
PowerDirector CyberLink Corp. 8/9/2009 545.6 MB
QuickTime Apple Inc. 10/31/2009 76.5 MB
Realtek 8136 8168 8169 Ethernet Driver Realtek 8/25/2009
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 8/25/2009
SlingBoxWatchYourTVAnyWhere Sling Media 8/25/2009 43.9 MB
Smart Defrag 1.20 IObit 10/31/2009
Synaptics Pointing Device Driver Synaptics Incorporated 8/9/2009
Windows Live Essentials Microsoft Corporation 8/9/2009
Windows Live Sign-in Assistant Microsoft Corporation 8/9/2009 1.94 MB
Windows Live Upload Tool Microsoft Corporation 8/9/2009 0.22 MB
 
johnb35 said:
These can be disabled from startup.



O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Click to expand...

Why not just tell him to disable those in ccleaner startup rather than delete them?
 
There are many ways to disable programs from running at bootup. I use msconfig, others use 3rd party programs. I just told him what he could disable.
 
Thanks guys.


Post 6 is my programs. Do you see any bloatware in there I can delete. I'm sure there's a ton of it, but will not pay BB to do it.
 
You must log in or register to reply here.
Back
Top