No reply in 4 days. Still need help.

View previous topic View next topic Go down

No reply in 4 days. Still need help.

Post by DebC on 19th July 2010, 11:33 am

Ok, it's Monday and no one responded to my query from last week, (This is regarding a PSSWCORE alert I get at start up) so I looked around on the site and came across someone else having the same problem. This is what they said to do:

Post 10- Re: Help plz
by DragonMaster Jay on Fri 14 May 2010, 9:24 pm

.Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

•Double-click SystemLook.exe to run it.

•Copy the content of the following codebox into the main textfield:

Code:

:regfind
PSSWCORE

•Click the Look button to start the scan.

•When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.



**So here is the log file**

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 06:24 on 19/07/2010 by Deb (Administrator - Elevation successful)

========== regfind ==========

Searching for "PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A]
"ProductName"="PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A]
"ProductName"="PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A]
"ProductName"="PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A]
"ProductName"="PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A\SourceList]
"PackageName"="PSSWCORE.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\990BFB432B7059E46A3737266D80662A\SourceList]
"PackageName"="PSSWCORE.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\{0DAAD6DF-AB65-4DA0-9B25-8556FB8CE5AC}]
"name"="PSSWCORE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Hewlett-Packard\{0DAAD6DF-AB65-4DA0-9B25-8556FB8CE5AC}]
"name"="PSSWCORE"

-=End Of File=-

Can ANYONE tell me what to do next please?

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 19th July 2010, 2:04 pm

Hi

This is a tech problem. I 'll try to help you with this. Have you installed HP Photosmart printer recently?

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 19th July 2010, 2:09 pm

No. Thats the weird thing. I have had the same wireless printer installed with this laptop for months. This just popped up one day. All of our software disks are packed away as we are preparing to move, but it asks for me to insert some disk. Odd.

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 19th July 2010, 2:17 pm

Lets take a look.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.
  • When done, DDS will open two (2) logs
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.
  • The instructions here ask you to attach the Attach.txt.


  • Instead of attaching, please copy/past both logs into your Thread

  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.]Then post your DDS (DDS.txt and Attach.txt



Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 19th July 2010, 2:56 pm


DDS (Ver_10-03-17.01) - NTFSx86
Run by Deb at 9:52:33.14 on Mon 07/19/2010
Internet Explorer: 8.0.6001.18928
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.1569 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Explorer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Deb\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\tbPage.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.8.0.41\IPSBHO.DLL
BHO: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\tbPage.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: : {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.8.0.41\coIEPlg.dll
TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\tbPage.dll
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: CabBuilder - [You must be registered and logged in to see this link.]
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - [You must be registered and logged in to see this link.]
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} - [You must be registered and logged in to see this link.]
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - [You must be registered and logged in to see this link.]
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - [You must be registered and logged in to see this link.]
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - [You must be registered and logged in to see this link.]
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - [You must be registered and logged in to see this link.]
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - [You must be registered and logged in to see this link.]
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.8.0.41\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0308000.029\SymEFA.sys [2010-1-27 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0308000.029\BHDrvx86.sys [2010-1-27 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0308000.029\cchpx86.sys [2010-1-27 482432]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100716.001\IDSvix86.sys [2010-7-16 344112]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.8.0.41\ccSvcHst.exe [2010-1-27 117640]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-4-22 365952]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-4-22 193840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-31 102448]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-29 112128]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0308000.029\symndisv.sys [2010-1-27 48688]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca1bbd238535f0;Google Update Service (gupdate1ca1bbd238535f0);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-07-13 16:16:27 0 d-----w- c:\program files\Virtual Earth 3D
2010-07-12 00:30:55 0 d-----w- c:\program files\TrendMicro
2010-07-11 10:46:30 0 d-sh--w- c:\windows\system32\%APPDATA%
2010-07-04 00:27:18 0 d-sh--w- C:\$RECYCLE.BIN
2010-06-30 16:39:04 1401344 ----a-w- c:\users\deb\HijackThis.msi
2010-06-29 23:07:33 0 d-----r- c:\program files\Norton Support
2010-06-28 00:48:27 574464 ----a-w- c:\users\deb\OTL.exe
2010-06-23 08:02:41 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 08:02:40 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 08:02:40 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 08:02:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 08:02:40 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 02:26:53 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-23 02:26:53 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-21 11:08:07 61440 ----a-w- c:\windows\system32\athihvui.dll
2010-06-21 11:08:07 397312 ----a-w- c:\windows\system32\athihvs.dll
2010-06-21 11:08:07 0 d-----w- c:\windows\system32\nn-NO
2010-06-21 11:02:27 766 ----a-w- c:\windows\system\CRIcon.ico

==================== Find3M ====================

2010-06-21 11:09:00 51200 ----a-w- c:\windows\inf\infpub.dat
2010-06-21 11:08:59 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-21 11:08:56 86016 ----a-w- c:\windows\inf\infstor.dat
2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-28 08:01:59 97420 ----a-w- c:\windows\fonts\leelawdb.ttf
2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-18 09:20:44 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-10-16 19:01:58 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-04-22 14:18:14 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 9:53:32.14 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/28/2009 3:30:10 PM
System Uptime: 7/18/2010 7:35:19 AM (26 hours ago)

Motherboard: Wistron | | 3612
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | CPU | 2000/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 287 GiB total, 201.909 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.822 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet J4680 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet J4680 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:

Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet J4680 series
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet J4680 series
PNP Device ID: ROOT\PRINTER\0000
Service:

==== System Restore Points ===================

RP234: 7/1/2010 3:00:19 AM - Windows Update
RP235: 7/1/2010 3:00:26 AM - Scheduled Checkpoint
RP236: 7/2/2010 3:00:21 AM - Windows Update
RP237: 7/2/2010 8:57:36 PM - Scheduled Checkpoint
RP238: 7/3/2010 3:00:20 AM - Windows Update
RP239: 7/3/2010 6:50:33 PM - Scheduled Checkpoint
RP240: 7/10/2010 6:41:19 PM - Windows Update
RP242: 7/11/2010 3:00:32 AM - Windows Update
RP243: 7/11/2010 6:55:01 PM - Removed HiJackThis
RP244: 7/11/2010 6:57:13 PM - Installed HiJackThis
RP245: 7/11/2010 7:07:10 PM - Removed HiJackThis
RP246: 7/11/2010 7:11:12 PM - Installed HiJackThis
RP247: 7/11/2010 7:15:11 PM - Removed HiJackThis
RP248: 7/11/2010 7:16:41 PM - Installed HiJackThis
RP249: 7/11/2010 7:26:04 PM - Removed HiJackThis
RP250: 7/11/2010 7:27:48 PM - Removed HiJackThis
RP251: 7/11/2010 7:30:08 PM - Installed HiJackThis
RP252: 7/12/2010 3:00:20 AM - Windows Update
RP253: 7/13/2010 3:00:21 AM - Windows Update
RP254: 7/13/2010 3:00:28 AM - Scheduled Checkpoint
RP256: 7/14/2010 3:03:33 AM - Windows Update
RP257: 7/15/2010 3:00:27 AM - Windows Update
RP258: 7/16/2010 3:00:31 AM - Windows Update
RP259: 7/17/2010 3:00:22 AM - Windows Update
RP260: 7/18/2010 3:00:27 AM - Windows Update
RP261: 7/19/2010 3:00:24 AM - Windows Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer
4660_4680_Help
Abacast Distributed Live
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Astro Gemini Screensaver Manager 1.2
Atheros Driver Installation Program
Bing Maps 3D
Bonjour
BPD_HPSU
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Coupon Printer for Windows
CustomerResearchQFolder
CyberLink DVD Suite
CyberLink YouCam
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Plus Web Player
DocMgr
DocProc
DocProcQFolder
DPL Flashing TFX for Vista MM
DVD Decrypter (Remove Only)
ESET Online Scanner v3
ESU for Microsoft Vista
eSupportQFolder
Fax
ffdshow (remove only)
Google Chrome
Google Earth
Google Gears
Google Update Helper
Google Updater
GPBaseService
GPBaseService2
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Participation Program 10.0
HP Doc Viewer
HP Document Manager 1.0
HP DVD Play 3.7
HP Help and Support
HP Imaging Device Functions 10.0
HP Officejet All-In-One Series
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.40 H2
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Total Care Advisor
HP Total Care Setup
HP Update
HP User Guides 0118
HP Wireless Assistant
HP_Network_UserGuide
HPAsset component for HP Active Support Library
HPNetworkAssistant
HPProductAssistant
HPSSupply
Inbox Toolbar
Intel(R) Graphics Media Accelerator Driver
iTunes
J4680
Juno Preloader
LabelPrint
LightScribe System Software 1.14.17.1
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Move Media Player
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
My HP Games
NetWaiting
Network
NetZero Preloader
Norton 360
Norton Internet Security
Norton Security Scan
OCR Software by I.R.I.S. 10.0
OGA Notifier 2.0.0048.0
PageRage Toolbar
Pando Media Booster
Power2Go
PowerDirector
ProductContext
PSSWCORE
QuickTime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
RealUpgrade 1.0
Safari
Scan
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
SPORE Creature Creator Trial Edition
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
Vegas Movie Studio Platinum 9.0
VideoToolkit01
WebReg
Windows Movie Maker 2.6
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Client 1.10.01
YouTube Downloader 2.5.1

==== Event Viewer Messages From Past Week ========

7/19/2010 3:05:17 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for the 2007 Microsoft Office System (KB982312).
7/19/2010 3:04:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB982308).
7/19/2010 3:03:30 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office InfoPath 2007 (KB979441).
7/19/2010 3:02:58 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB982158).
7/19/2010 3:02:21 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB982135).
7/19/2010 3:01:47 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for the 2007 Microsoft Office System (KB982331).
7/17/2010 9:34:23 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer LARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{81E67FA3-8EEF-4667-96AA-7B1B27C7A. The master browser is stopping or an election is being forced.
7/16/2010 7:11:06 PM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
7/16/2010 7:10:27 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/16/2010 7:09:32 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
7/16/2010 4:18:21 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer LISA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{81E67FA3-8EEF-4667-96AA-7B1B27C7A7. The master browser is stopping or an election is being forced.
7/15/2010 8:43:25 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DAVID that believes that it is the master browser for the domain on transport NetBT_Tcpip_{81E67FA3-8EEF-4667-96AA-7B1B27C7A7B8. The master browser is stopping or an election is being forced.

==== End Of File ===========================

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 19th July 2010, 4:56 pm

It is a Start up HP item which is activated automatically every time your PC starts. Why, I do not know. I know your moving, but when you can I would use HP Disk. I like to look at one scan and run HJT to see if we can stop it for now. And Update java on this PC. as well.


There are some older versions of Java on your computer. These can cause malware.

[
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

  • Download the latest version of [You must be registered and logged in to see this link.] and save it to your desktop.
  • Scroll down to where it says Java SE Runtime Environment (JRE) - JRE 6 Update 20 -
  • Click the Download button to the right.
  • Select the Windows platform from the dropdown menu.
  • Read the License Agreement and then check the box that says: I agree to the Java SE Runtime Environment 6u16 with JavaFX 1 License Agreement. Click on Continue.The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u120 -windows-i586-p.exe to install the newest version.

  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)

    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
        Applications and Applets
        Trace and Log Files


    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.



To test your Java Run-time, you may go to this page [You must be registered and logged in to see this link.]
When all is well, you should see Java Version: 1.6.0_20 from Sun Microsystems Inc.

Next

Update Run Malwarebytes



  • Launch Malwarebytes' Anti-Malware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next

[You must be registered and logged in to see this link.] to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.


Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 19th July 2010, 8:07 pm

Sorry, but which download do I select specifically. I use Windows Vista and I dont see an option for that under Platform selection when I click on the red bar for "Download JRE."

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 19th July 2010, 8:19 pm

[You must be registered and logged in to see this link.]

And select Windows.

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 19th July 2010, 10:34 pm

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4271

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

7/19/2010 5:34:02 PM
mbam-log-2010-07-19 (17-34-02).txt

Scan type: Quick scan
Objects scanned: 133994
Time elapsed: 6 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 19th July 2010, 10:48 pm

The Trend Micro\HijackThis log. Can you post it please.

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 20th July 2010, 12:22 am

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 7:21:59 PM, on 7/19/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPage.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: CabBuilder - [You must be registered and logged in to see this link.]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} (HP Product Detection Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [You must be registered and logged in to see this link.]
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate1ca1bbd238535f0) (gupdate1ca1bbd238535f0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11760 bytes


Thank you so much for all your help by the way. i really appreciate it. =)

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 20th July 2010, 2:00 pm

If this works. it going to be a temporary fix. Until you use the HP CD.

Open Hijackthis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

04 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

Again, make sure ALL browser windows are closed when you click FIX.

And let me know?

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 22nd July 2010, 9:22 am

Ok did that, and it wouldnt allow me to access the internet for a day and 1/2. I entered my security code several times then gave up. Restarted this morning now I have internet access.(?) I'm still getting that PSSWCORE alert at start up as well. I'm wondering if the last action you had me do, had something to do with the internet not working. I may just forget about this until I can get the disk. I'm afraid of messing something else up. =(

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by Kenny94 on 22nd July 2010, 12:37 pm

I fix the hp Wireless Assistant and that was my fault, It's best to use the HP CD...... Smile

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33521
# Likes # Likes : 0

View user profile

Back to top Go down

Re: No reply in 4 days. Still need help.

Post by DebC on 22nd July 2010, 1:58 pm

Ok well thanks so much for all your help in this. I'll just have to wait it out until we can unpack. Thanks again. =)

DebC
Intermediate
Intermediate

Posts Posts : 59
Joined Joined : 2010-05-09
Gender Gender : Female
OS OS : Vista
Points Points : 24818
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum