SoftwareTipsandTricks Forum

Hijacked?

#1 jancer, 06-11-2004, 02:28 AM

Hi,
We've had this laptop for only 2 days and already it's giving us problems with the internet. We are redirected or get popups to
http://harro.250free.com/money.html and some angelfire page. I've run Norton, Ad-Aware, Spyware, and now Hijackthis to show my log and see if anyone can find the problem.

We've had other problems that have been taken care of but there is still the issue with being sent to these sites and also having our browsers (Firefox and IE) always saying that they can't find a site, as if the address were typed wrong, even when it isn't.

It's an HP Pavilion
P4 - 2.4 GHZ
256mb ram
Win XP Home

Logfile of HijackThis v1.97.7
Scan saved at 12:55:42 AM, on 6/11/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\srvss.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\wserv32.exe
C:\WINDOWS\System32\lsrv.exe
C:\WINDOWS\System32\ifdccvt.exe
C:\WINDOWS\System32\scrgrd.exe
C:\Program Files\WindowsSA\omniscient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Thelma Ancer\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us8l.hpwis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://store.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://r.office.microsoft.com/r/rlid...-5621446-16640
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe"
O4 - HKLM\..\Run: [MMTray] ""
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe " /Start
O4 - HKLM\..\Run: [HPHUPD05] "C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe"
O4 - HKLM\..\Run: [HPHmon05] "C:\WINDOWS\System32\hphmon05.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Microsoft Update] wserv32.exe
O4 - HKLM\..\Run: [Microsoft Services] lsrv.exe
O4 - HKLM\..\Run: [Windows Update] "C:\WINDOWS\System32\xfoyz.exe"
O4 - HKLM\..\Run: [xsntpf] "C:\WINDOWS\System32\ifdccvt.exe"
O4 - HKLM\..\Run: [Microsoft Restore] scrgrd.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [581A1073] C:\WINDOWS\System32\ijixlbk.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wserv32.exe
O4 - HKLM\..\RunServices: [Microsoft Services] lsrv.exe
O4 - HKLM\..\RunServices: [Microsoft Restore] scrgrd.exe
O4 - HKLM\..\RunServices: [6AF4BD38] C:\WINDOWS\System32\ijixlbk.exe
O4 - HKCU\..\Run: [Microsoft Update] wserv32.exe
O4 - HKCU\..\Run: [Microsoft Services] lsrv.exe
O4 - HKCU\..\Run: [Microsoft Restore] scrgrd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{42973F03-CA4F-4615-8DD4-D97B0A0AB35F}: NameServer = 209.244.0.3 209.244.0.4

Any help is greatly appreciated.

#2 Jazz, 06-11-2004, 05:46 AM
Hi jancer

Unless somebody has the expertise to analyse your log, I would advise you to browse to the following link, even though there are a few things in the log that definitely need deleting: -

http://forums.net-integration.net/in...p?showforum=32

After they have given you the correct advice, do the following, in order that you have a stable system: -

Dl, install, update and run the following free apps on a regular basis: -

http://www.lavasoftusa.com/software/adaware/ (Ad-aware)

http://www.lavahelp.com/howto/fullscan/index.html (Ad-aware Tutorial)

http://www.safer-networking.org/ (Spybot-S&D)

http://www.net-integration.net/reviews/spybot2.html (Spybot-S&D Tutorial)

http://www.javacoolsoftware.com/spywareguard.html (SpywareGuard) (This program has Browser Hijack Protection)

http://www.javacoolsoftware.com/spywareblaster.html (SpywareBlaster)

http://209.133.47.200/~merijn/downloads.html (CWShredder)

http://vil.nai.com/vil/stinger/ (McAfee Stinger)

I take it you do not use p2p file sharing software such as KaZaA?

Good luck.........................
__________________
An ounce of prevention is worth more than a pound of cure

Proud Member of the Alliance of Security Analysis Professionals (ASAP) 2006
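
An added example, not part of either post and not the output of any tool named in the thread: a small Python triage of HijackThis-style lines like those in the log in post #1. The regexes, the reason labels and the `triage` function are assumptions made for illustration, and the three heuristics only mark entries for a person to review; they are not verdicts.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines in the HijackThis v1.97.7 layout, copied from the log in post #1.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Microsoft Update] wserv32.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wserv32.exe
O4 - HKCU\..\Run: [Microsoft Update] wserv32.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
"""

# Hypothetical patterns for three of the section prefixes seen in the log.
O4 = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
O2 = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[^}]+\}) - (?P<file>.*)$")
F2 = re.compile(r"^F2 - REG:system\.ini: UserInit=(?P<value>.*)$", re.I)

def triage(log_text):
    """Return a sorted list of (reason, detail) review items; heuristics, not verdicts."""
    findings, keys_by_cmd = set(), defaultdict(set)
    for line in log_text.splitlines():
        line = line.strip()
        if m := F2.match(line):
            # UserInit normally launches userinit.exe; anything chained after it runs at every logon.
            for part in m["value"].split(","):
                part = part.strip()
                if part and not part.lower().endswith(r"\userinit.exe"):
                    findings.add(("userinit-extra", part))
        elif m := O2.match(line):
            # A browser helper object whose DLL is gone is a leftover registration.
            if m["file"].strip() == "(no file)":
                findings.add(("bho-no-file", m["clsid"]))
        elif m := O4.match(line):
            keys_by_cmd[m["cmd"].strip().strip('"').lower()].add(m["key"])
    for cmd, keys in keys_by_cmd.items():
        if len(keys) >= 2:  # same command registered under several autorun keys
            findings.add(("multi-key-autorun", f"{cmd} in {len(keys)} keys"))
    return sorted(findings)

if __name__ == "__main__":
    for reason, detail in triage(SAMPLE_LOG):
        print(f"{reason:18} {detail}")
```

A single bare-filename Run entry such as `AGRSMMSG.exe` is not flagged here, since driver utilities are commonly registered that way.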