hijack this



smoking habit
10-30-2007, 10:14 PM
which of these should i fix? they all came up when i scanned my computer with Hijackthis. should i check them all and fix them? thanks.


MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\AntiVirus 2007\TAVScan.exe
C:\Program Files\WinAce\WinAce.exe
C:\Users\User\AppData\Local\Temp\~AceTemp\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL (http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL.com - Welcome to AOL (http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search (http://go.microsoft.com/fwlink/?LinkId=54896)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search (http://go.microsoft.com/fwlink/?LinkId=54896)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = AOL.com - Welcome to AOL (http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] "C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] "C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 15
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] "rundll32.exe" oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{C1CC02C5-8709-4444-BE88-6B4ABCBF9D17}
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AROReminder] "C:\Program Files\Advanced Registry Optimizer\ARO.exe" -rem
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WRNotifier - C:\Windows\SYSTEM32\WRLogonNTF.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro AntiVirus Protection Service (tavsvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\tavsvc.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\AntiVirus 2007\Components\tmproxy.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
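
An added example, not part of the original thread: a small Python triage pass over a HijackThis log like the one above that drops repeated lines, counts entries per section code, and lists the entries where the tool's own output leaves something unresolved. The sample lines are copied from the log above; the function names and the choice of what to list are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample: a header plus entry lines copied from the log posted above.
SAMPLE_LOG = r"""
Running processes:
C:\Windows\Explorer.EXE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
"""

# A log entry is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: [...] ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")
ENV_VAR_RE = re.compile(r"%[A-Za-z]+%")

def parse_log(text):
    """Return (unique (code, detail) pairs in log order, {pair: count} for repeats)."""
    counts = Counter()
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # headers and the process list carry no section code
        key = (m.group(1), m.group(2).strip())
        if counts[key] == 0:
            entries.append(key)
        counts[key] += 1
    return entries, {k: n for k, n in counts.items() if n > 1}

def section_counts(entries):
    """Number of unique entries per section code (R0, O4, O23, ...)."""
    return Counter(code for code, _ in entries)

def needs_manual_check(entries):
    """Entries to look up by hand; each reason restates the log text, not a verdict."""
    flagged = []
    for code, detail in entries:
        reasons = []
        if "(file missing)" in detail:
            reasons.append("tool reported the file as missing")
        if "Unknown owner" in detail:
            reasons.append("tool reported no owner for the file")
        if ENV_VAR_RE.search(detail):
            reasons.append("path contains an unexpanded environment variable")
        if reasons:
            flagged.append((code, detail, reasons))
    return flagged

if __name__ == "__main__":
    entries, repeats = parse_log(SAMPLE_LOG)
    print(dict(section_counts(entries)))
    for (code, detail), n in repeats.items():
        print(f"repeated x{n}: {code} - {detail}")
    for code, detail, reasons in needs_manual_check(entries):
        print(f"check: {code} - {detail}\n       " + "; ".join(reasons))
```
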

GoldenFerret
10-30-2007, 10:28 PM
CHECK ZEM ALL! NAOW! :D

smoking habit
10-30-2007, 10:38 PM
when i read that i read it like Arnold, and laughed a little. is that who you were tryin to mimic?

you bein serious though? can't tell.

slipknotpsycho
10-30-2007, 10:40 PM
jesus you got a lot of start up programs.... how long does it take for your comp to boot? like 5 minutes?

smoking habit
10-30-2007, 10:45 PM
which ones do you recommend i take off slip? i often remove startup programs with msconfig but im always scared ill delete one that i am not supposed to and fuck up my computer.

smoking habit
10-31-2007, 12:31 AM
anyone?

slipknotpsycho
10-31-2007, 12:36 AM
i use msconfig too...

anything that says hp on it, minus the auto updates, you can take that off too just don't forget to check for updates now and then... qttask, itunes, sidebar, wmp, aim/aol...

that's just me tho, it depends on which programs you use

smoking habit
10-31-2007, 02:50 AM
alright, thanks.

about my HIJACKTHIS results i posted above, which ones should i select, and then hit "fix selected" on?

like i said, just don't want to fix (does fixing really mean deleting?) something I shouldn't.

slipknotpsycho
10-31-2007, 03:03 AM
i don't know anything about hijackthis, like i said i use msconfig.... just use that program if you're comfortable with it to disable the start up entries

smoking habit
10-31-2007, 05:38 AM
alright, thanks anyways.

anyone else know which of these files i should and shouldnt delete without deleting any critical windows files etc...

sidenote slipkn: im pretty sure these are just my programs running now, not specifically startup. I havent rebooted in a while.

babystarbud
10-31-2007, 02:54 PM
You have to be careful what you mess with in Hijack this, you're better off asking on a dedicated computer help site like MajorGeeks Support Forums - Powered by vBulletin (http://forums.majorgeeks.com/)

mikeyjo
11-01-2007, 12:41 PM
You have a bunch of crap installed (poker stars....)

Use spyware software to run a scan. "Spybot Search and Destroy" is good. Windows offers "Defender". Both are free.

Is your computer running slowly? with some of that poker junk on there no wonder. Uninstall anything you don't need - not by deleting the files, by uninstalling from control panel. Run the spyware scan, then a complete virus scan (pandasoftware, kaspersky offer free scans online).

msconfig is a great first step to keep the junk from loading. gl.

smoking habit
11-01-2007, 04:18 PM
are you talkin about these mikey?

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\tmlsp.dll


if someone would copy my results and maybe put what they recommend i delete in bold?? that would be awesome. i'll make it up to you one day if you ever need anything i can help with.

psychocat
11-01-2007, 04:28 PM
Windows Process Library (http://www.liutilities.com/products/wintaskspro/processlibrary/other/a/)
You can use this to find out what each process does, I find it handy for anything I don't recognise and have used it for a while now.

qdavid
11-01-2007, 04:34 PM
I know exactly what you mean. I ran Hijack This and came up with a couple hundred things. But the programmers warn you can screw-up the computer deleting the wrong things. So I left it alone. One good move is to run msconfig, go to start-up, and uncheck everything you don't need to run right away at start-up. All those programs are gonna run when you choose them anyway.

psychocat
11-01-2007, 04:45 PM
I find Spybot to be a great help as it enables you to choose what starts up when you switch on your PC and it has an immunize feature for "bad products".
Also AVG free is pretty good for scanning for trojans and viruses.
The home of Spybot-S&D! (http://www.safer-networking.org/)
AVG Free Advisor - Free antivirus and anti-spyware downloads (http://free.grisoft.com/)

babystarbud
11-01-2007, 07:28 PM
ILL SAY IT AGAIN!!!!

post your hijack log on a dedicated computer help forum. DO NOT GO DELETING RANDOM STUFF!!!

smoking habit
11-02-2007, 02:59 AM
im not gona go deleting random stuff. Where did I once insinuate that i was going to do that? and I got you the first time dude... was just trying to avoid making another username on another site if i could, it's really not a huge priority to me atm, my computer is running fine, just a little slower than normal.

I assumed there were some tech junkies on this site, guess not.

thanks for the tips anyone who gave.

babystarbud
11-02-2007, 10:46 AM
sorry if that came across wrong, but hijack logs can be quite difficult to deal with if you dont know what to look for...i delete stuff from my own sometimes but i wouldnt feel experienced enough to give others advice.....

Have you run through spybot s&d and AVG like others have suggested, and gone to add/remove programs to uninstall anything you dont want and run MSCONFIG?

I think its safe to assume that "pokerstars" entry can go tho:D

slipknotpsycho
11-02-2007, 11:23 AM
dude, open ms config and take a screen shot.... also tell me your sound card, video card, and any programs you don't use at least 2-3 times a day...

i'll show you exactly what to check off.... btw, with msconfig you have nothing to be scared of.... you're not deleting anything, you're just disabling it... which is why i use msconfig, if i later found out i shouldn't have taken that out, i just open up the prompt again and re-add it.

slipknotpsycho
11-02-2007, 11:27 AM
btw, i really do hate to say it... i really do... but if you have no clue what you're doing in hijack this, don't touch shit, and go to a dedicated computer forum... i'm only half a nerd... i'm about moderate-moderate high, while people at like forums.devhardware are serious pros and know exactly what they're doing (i highly suggest it for any computer problems, it also covers many other subjects... everything from console gaming to building a comp from scratch... very nice group too... laid back light here...
thousands just dying to help you.... of course they're doing it for the wrong reason (they want the 'fame') but if it gets the job done, who cares....

mikeyjo
11-02-2007, 12:15 PM
Hijack this is not for nubs. Things like spybot, msconfig, virus scans are what every nub should be using on their PC on a regular basis.

Hijack this is a last resort. Actually, If I was working on that system I would back up whatever you needed to keep and reinstall windows. Then drill into your head that pressing yes and ok at every popup is not a good idea.

The advice you got on this forum is fine. You dont need to seek out other advice. you just need to learn the basic steps in protecting yourself online. Run what has been suggested without deleting specific files through Hijack this and post back results.

slipknotpsycho
11-02-2007, 12:31 PM
i ain't run a virus program in over 3 years... still no virus... so he's right.. you gotta be smart on what you do and do not click on....

basically unless you're trying to open a window that requires them, that's ok... (couple of places i know require opening a new window), you also gotta read the command boxes... some say something; like would you like to download this XXX dialer, and by the time you got that pop-up it's pretty much a given you got everything you were trying to avoid, or click here for my free pics.. or would you like free porn access for a month? yes

see how they switch it up....

johni-n-the-nw-uk
11-09-2007, 09:58 AM
Simple solution here is go to =
HijackThis Logfileauswertung (http://www.hijackthis.de/)
and cut and paste your log file into the box provided, then follow the simple instructions.

You will see the only nasty on yours is this one =
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

Other than a couple of very minor issues your PC is pretty clean.

Note to all, after completing the HiJackThis process as above, a scan with Ad-Aware from here - Ad-Aware 2007 Free - Lavasoft (http://www.lavasoftusa.com/products/ad_aware_free.php) - is a good move.

Beware of other so-called Adware / Spyware removers, many of them are in reality loaded with spyware etc themselves, lots of them are in fact!
Any help needed ask me - it's my job :)

mikeyjo
11-09-2007, 12:47 PM
Adaware used to be my top pick but has gotten a bit bloated. Now runs services too, yuck.

But still a great tool.

cm8883
11-09-2007, 12:54 PM
Has anyone tried a-squared security center? I have the trial version now, I love it! Whenever anything, even a tracking cookie, shows up, you can block it. After the first few days, I noticed I haven't had to block anything else. It also got rid of those annoying pop-up windows that I get from time to time. I surf tooooo much! lol

Sorry if this got off topic :)

babystarbud
11-09-2007, 03:04 PM
I just use good old Spybot S&D, and Ccleaner on a rotating basis once a month.

I also run an AVG scan maybe twice a week.

Never have any probs.

if ive installed some dubious software i might run a few scans on it, but apart from that, Im always clean....I fix computers in my spare time, and 99% of the time computers run slow because the owners just dont care about maintenance.

A classic one I had the other day, Spybot picked up about 8 problems, one of which had over 600 instances of some malware...

needless to say it ran a bit better with out the malware lol.