http://looking-for.cc/uninstall/homesearchassistant.html
-
http://looking-for.cc/uninstall/homesearchassistant.html
Logfile of HijackThis v1.98.0
Scan saved at 15:58:13, on 2004-07-18
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Software\Printer\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\msvf.exe
C:\WINDOWS\system32\javasz.exe
D:\SOFTWARE\INTERN~1\AVGANT~1\avgserv.exe
C:\Program Files\Adaware\Ad-aware 6\Ad-aware.exe
D:\Software\INTERNET SECURITY\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://seino.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://seino.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://seino.dll/index.html#26980
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {D10D74BE-30C2-93F0-F633-C7CF4A69BF6B} - C:\WINDOWS\system32\ipiw.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Software\Acrobat Reader 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] D:\Software\Printer\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Software\Printer\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LaunchList] D:\Software\Pinnacle Studio 8.1\LaunchList.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Windows System Manager] winsystem.exe
O4 - HKLM\..\Run: [msvf.exe] C:\WINDOWS\system32\msvf.exe
O4 - HKLM\..\Run: [AVG_CC] D:\SOFTWARE\INTERN~1\AVGANT~1\avgcc32.exe /STARTUP
O4 - HKLM\..\RunServices: [Windows System Manager] winsystem.exe
O4 - HKLM\..\RunOnce: [javasz.exe] C:\WINDOWS\system32\javasz.exe
O4 - HKLM\..\RunOnce: [mfcdq.exe] C:\WINDOWS\system32\mfcdq.exe
O4 - HKCU\..\Run: [Windows System Manager] winsystem.exe
O4 - HKCU\..\RunOnce: [AVGW] D:\SOFTWARE\INTERN~1\AVGANT~1\avgw.exe /RUNONCE
O4 - Global Startup: Acrobat Assistant.lnk = D:\Software\Acrobat Reader 6.0\Distillr\acrotray.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{32715FBD-F459-4E2D-B73D-E1E7B3A6AF0A}: NameServer = 198.235.216.111 209.226.175.223
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
-
Start off by running housecall
Close all windows and restart Hijack this, put a check mark against the following ( if they exist)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://seino.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://seino.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\seino.dll/sp.html#26980
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://seino.dll/index.html#26980
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {D10D74BE-30C2-93F0-F633-C7CF4A69BF6B} - C:\WINDOWS\system32\ipiw.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Software\Acrobat Reader 6.0\Acrobat\AcroIEFavClient.dll (file missing)
O4 - HKLM\..\Run: [Windows System Manager] winsystem.exe
O4 - HKLM\..\Run: [msvf.exe] C:\WINDOWS\system32\msvf.exe
O4 - HKLM\..\RunServices: [Windows System Manager] winsystem.exe
O4 - HKLM\..\RunOnce: [javasz.exe] C:\WINDOWS\system32\javasz.exe
O4 - HKLM\..\RunOnce: [mfcdq.exe] C:\WINDOWS\system32\mfcdq.exe
O4 - HKCU\..\Run: [Windows System Manager] winsystem.exe
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
Click Fix Checked
Restart the computer in Safe Mode
Go to C:\WINDOWS\system32 and delete the following files
mfcdq.exe
javasz.exe
msvf.exe
ipiw.dll
Restart your computer
Post a fresh Hiijack this log
Last edited by putasolutions; 19-07-2004 at 05:03 PM.
-
Thanks putasolutions for your help, it's greatly appreciated 
I'm not sure but I think I'm still up **** creek with no paddle..........
Anyway, here's my 2nd log
Logfile of HijackThis v1.98.0
Scan saved at 20:19:02, on 2004-07-19
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Software\Printer\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\devldr32.exe
D:\SOFTWARE\INTERN~1\AVGANT~1\avgcc32.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\WINDOWS\system32\msvf.exe
C:\Program Files\WindUpdates\WinKA.exe
D:\Software\Acrobat Reader 6.0\Distillr\acrotray.exe
D:\Software\INTERNET SECURITY\HiJackThis\HijackThis.exe
D:\SOFTWARE\INTERN~1\AVGANT~1\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\system32\javasz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\arrwl.dll/sp.html#26980
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://arrwl.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://arrwl.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\arrwl.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\arrwl.dll/sp.html#26980
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://arrwl.dll/index.html#26980
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {55FDE9FB-433B-10B5-55CC-366744EC0C21} - C:\WINDOWS\system32\iell.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] D:\Software\Printer\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Software\Printer\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LaunchList] D:\Software\Pinnacle Studio 8.1\LaunchList.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [AVG_CC] D:\SOFTWARE\INTERN~1\AVGANT~1\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [msvf.exe] C:\WINDOWS\system32\msvf.exe
O4 - Global Startup: Acrobat Assistant.lnk = D:\Software\Acrobat Reader 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...389048b192383d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
-
Start your computer in safe mode.
Go to Start | Run
Type in regedit and click OK. (The registry editor will open.)
In the left pane, find the following key
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9D90B2 7-AD4A-413a-88CB-3E6DDC10DC2D},
if it exists, Highlight it, Right click it and click Delete.
Do the same as above for following
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D}
Exit the registry editor.
Restart your computer in safe Mode.
Start Windows Explorer :
Go to C:\Windows and delete MSOPT.DLL
Restart your computer
Post a fresh Hijack this log
-
Here's my new log
Logfile of HijackThis v1.98.0
Scan saved at 20
13, on 2004-07-21
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\SOFTWARE\INTERN~1\AVGANT~1\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\addvg32.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Software\Printer\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\WINDOWS\system32\msvf.exe
C:\Program Files\WindUpdates\WinKA.exe
D:\Software\Mouseware\MouseWare\system\em_exec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Software\INTERNET SECURITY\AVG Antivirus\avgcc32.exe
D:\Software\INTERNET SECURITY\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.canoe.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://jlpde.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://jlpde.dll/index.html#26980
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windo ws\System32\wsaupdater.exe,
O2 - BHO: (no name) - {F52B4B29-EAA0-A4B2-3FF3-0A8EE5DB6566} - C:\WINDOWS\system32\msxe.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] D:\Software\Printer\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Software\Printer\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LaunchList] D:\Software\Pinnacle Studio 8.1\LaunchList.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [msvf.exe] C:\WINDOWS\system32\msvf.exe
O4 - HKLM\..\Run: [AVG_CC] D:\Software\INTERNET SECURITY\AVG Antivirus\avgcc32.exe /startup
O4 - HKLM\..\RunOnce: [addvg32.exe] C:\WINDOWS\addvg32.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...389048b192383d
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{32715FBD-F459-4E2D-B73D-E1E7B3A6AF0A}: NameServer = 198.235.216.111 209.226.175.223
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
-
Close all windows restart Hijack this and put a check mark against the following
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://jlpde.dll/index.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\jlpde.dll/sp.html#26980
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://jlpde.dll/index.html#26980
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windo ws\System32\wsaupdater.exe,
O2 - BHO: (no name) - {F52B4B29-EAA0-A4B2-3FF3-0A8EE5DB6566} - C:\WINDOWS\system32\msxe.dll
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [msvf.exe] C:\WINDOWS\system32\msvf.exe
O4 - HKLM\..\RunOnce: [addvg32.exe] C:\WINDOWS\addvg32.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...5389048b192383d
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
Click Fix Checked
Download Registrar lite (freeware)
Click on the magnifying glass, then put C:\WINDOWS\msopt.dll in the search Window. Make sure that 'registry' is selected as the folder to search. Post back the results
-
Nothing found when searching C:\WINDOWS\msopt.dll.
I searched both the registry and the normal search window.
But wait, when I opened a new EI window I did get that home search page
but still get the pop-ups resulting from that page...... any idea???
-
Download About:Buster from either of the following locations.
http://www.atribune.org/downloads/AboutBuster.zip
or
http://tools.zerosrealm.com/AboutBuster.zip
Make sure you close ALL Internet Explorer windows. This is a very important step!!
Run AboutBuster.exe, click ok, then start, then OK. This will scan your computer for the files responsible for hijacking your home and/or search settings/page.
Reboot and post a new HijackThis log along with the report from About:Buster.
-
Here's my new log
Logfile of HijackThis v1.98.0
Scan saved at 18:24:33, on 2004-07-22
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Software\INTERNET SECURITY\Sygate Personal Firewall\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Software\Printer\HP Software Update\HPWuSchd.exe
C:\WINDOWS\System32\hphmon05.exe
D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe
C:\WINDOWS\System32\devldr32.exe
D:\Software\Mouseware\MouseWare\system\em_exec.exe
D:\Software\INTERNET SECURITY\AVG Antivirus\avgcc32.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\Program Files\WindUpdates\WinKA.exe
D:\Software\INTERNET SECURITY\HiJackThis\HijackThis.exe
D:\SOFTWARE\INTERN~1\AVGANT~1\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\addvg32.exe
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windo ws\System32\wsaupdater.exe,
O2 - BHO: (no name) - {932F05AE-5941-1C8D-8A0A-AF1CA446E213} - C:\WINDOWS\system32\ieac32.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHUPD05] D:\Software\Printer\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "D:\Software\Printer\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "D:\Software\Clone Cd 4.3.2.2\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [LaunchList] D:\Software\Pinnacle Studio 8.1\LaunchList.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [AVG_CC] D:\Software\INTERNET SECURITY\AVG Antivirus\avgcc32.exe /startup
O4 - HKLM\..\Run: [WindUpdates] C:\Program Files\WindUpdates\WinUpdt.exe
O4 - HKLM\..\Run: [SmcService] D:\Software\INTERN~1\SYGATE~1\smc.exe -startgui
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
-
Could you restart your computer into safe mode and run about:blaster again and Post the About Blaster log to the forum?
Newbie
