Hijack This Log

[Dreamspinner3]

PC's been a bit funny lately. All my anti-Spyware programs find
nothing. Does anyone see anything here?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:01:39 PM, on 8/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA
Anti-Virus\VetMsg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\starter.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA
Anti-Virus\CAVRID.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = localhost
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} -
C:\Program Files\E-Book Systems\FlipAlbum 6 Pro\FpLaunch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} -
C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [HPHUPD08] C:\Program Files\HP\Digital
Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0
-k
O4 - HKLM\..\Run: [EnsoniqMixer] C:\WINDOWS\system32\starter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security
Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security
Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List -
res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print -
res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program
Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}
- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net/
O15 - Trusted Zone: http://minneapolis.craigslist.org
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data
Collection Control) -
https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) -
http://www.trendsecure.com/service_c...ex/TmHcmsX.CAB
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data
Collection Control) -
https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
-
http://update.microsoft.com/windowsu...?1149811567464
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI
Utility Class) -
http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
-
http://update.microsoft.com/microsof...?1149812269694
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX
Scan Agent 6.5) -
http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} (CamRegCleanControl
Object) -
http://www.amustsoft.com/onlineregis...RegCleaner.cab
O16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX
Control) -
http://apps.corel.com/nos_dl_manager...etOpPlugin.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner -
C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet
Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. -
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt
Software - C:\Program Files\Sunbelt Software\Personal
Firewall\kpf4ss.exe
O23 - Service: O&O Defrag - O&O Software GmbH -
C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP -
C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Speed Disk service - Symantec Corporation -
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program
Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 7512 bytes
Kim/Dreamspinner3
Parrot Nannies of Minnesota Inc:
http://parrotnanniesmn.com/
Personal Homepage: http://members.tripod.com/dreamspinner3/

[Leythos]

In article <v137c3l233hpnfl8h8lheq82ga91n7psik@4ax.com>, dreamspinner3
@gmx.net says...
> PC's been a bit funny lately. All my anti-Spyware programs find
> nothing. Does anyone see anything here?

Don't post HiJack logs to Usenet, the HJ forum and download sites
clearly tell you where to post them, if you can read.

As explained earlier: Because of all of the Web groups that get feeds
from Usenet and are then indexed in Google and other search engines,
your logs show up hundreds of HiJack postings from those websites
because you could not take the time to post them to a proper forum for
review.

--
Leythos - spam999free@rrohio.com (remove 999 to email me)

Learn more about PCBUTTS1 and his antics and ethic and his perversion
with Porn and Filth. Just take a look at some of the FILTH he's created
and put on his website: http://www.futurehardware.in/595578-2.htm all
exposed to children (the link I've include does not directly display his
filth). You can find the same information by googling for 'PCBUTTS1' and
'exposed to kids'.

[Dreamspinner3]

I realized my mistake after I posted it & used Agent's Cancel Usenet
Message feature to try to delete the post, but apparently it didn't
work.
Kim/Dreamspinner3
Parrot Nannies of Minnesota Inc:
http://parrotnanniesmn.com/
Personal Homepage: http://members.tripod.com/dreamspinner3/

[Leythos]

In article <v137c3l233hpnfl8h8lheq82ga91n7psik@4ax.com>, dreamspinner3
@gmx.net says...
> PC's been a bit funny lately. All my anti-Spyware programs find
> nothing. Does anyone see anything here?

Yea, I see someone doesn't know how to read the directions and post the
log to one of the approved HJ Forums where they check your log and
report back on items that should be removed.

--
Leythos - spam999free@rrohio.com (remove 999 to email me)

Learn more about PCBUTTS1 and his antics and ethic and his perversion
with Porn and Filth. Just take a look at some of the FILTH he's created
and put on his website: http://www.webservertalk.com/message1907860.html
3rd link shows what he's exposed to children (the link I've include does
not directly display his filth). You can find the same information by
googling for 'PCBUTTS1' and 'exposed to kids'.