TheTerrorist_75 Posted September 11, 2005 Report Share Posted September 11, 2005 I have downloaded and ran AdAware, SpyBot, stinger, Housecall and Ewido. All hidden files are shown. Panda is old and out of date (2003) but found Sasser and another trojan. I just want to make sure this crudy Compaq is clean before installing SP2, SpywareBlaster, IESPYAD and Avast. I can't see anything that stands out.Logfile of HijackThis v1.99.1Scan saved at 9:43:13 PM, on 9/10/2005Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXEC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exeC:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exeC:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exeC:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exeC:\WINDOWS\system32\pctspk.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXEC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exeC:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\ewido\security suite\ewidoctrl.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\HJT\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeO4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeO4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /sO4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: officejet 6100.lnk = ?O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1126392311344O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exeO23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exeO23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exeO23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exeO23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)--------------------------------------------------------- ewido security suite - Scan report--------------------------------------------------------- + Created on: 9:41:32 PM, 9/10/2005 + Report-Checksum: 1D5431E4 + Scan result: C:\Documents and Settings\boweringd\Cookies\boweringd@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\boweringd\Cookies\[email protected][2].txt -> Spyware.Cookie.2o7 : Cleaned with backup C:\Documents and Settings\Dottie\Cookies\dottie@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup::Report End Link to post Share on other sites
Besttechie Posted September 11, 2005 Report Share Posted September 11, 2005 Hey TT,It looks fine, may want to install SP2 as well. B Link to post Share on other sites
TheTerrorist_75 Posted September 11, 2005 Author Report Share Posted September 11, 2005 Thanks Jeff. This kid has a bunch of trial programs from when he bought it including Panda. This has been a fun one. WinXP Pro installed on a 700MHz/128MB RAM piece of slow crap. He never ran the updates for the anti-virus or Windows. Luckily I was able to manually install the newest updates from Panda through my account. Now I need to dump System Restore and get rid of some of the BS programs and install decent ones. I'm glad I have the SP2 disk. Even with DSL it takes time to download. Link to post Share on other sites
Besttechie Posted September 11, 2005 Report Share Posted September 11, 2005 You're very welcome! Good luck! B Link to post Share on other sites
blim Posted September 11, 2005 Report Share Posted September 11, 2005 OK, seeing as this machine got a "clean bill of health", I hope I can post this here....Terrorist, you mentioned "dumping System Restore". Out of curiosity (and still trying to learn about these idiot boxes) do you mean getting rid of System Restore, and if you do, why? I thought System Restore "was a good thing" (Gawd, I'm quoting Martha Stewart, I am soooo sorry)Thanks,Liz Link to post Share on other sites
robroy Posted September 11, 2005 Report Share Posted September 11, 2005 I think he means dumping the system restore points saved on the machine. Btw glad that the pg is not so possessed any more Link to post Share on other sites
TheTerrorist_75 Posted September 11, 2005 Author Report Share Posted September 11, 2005 OK, seeing as this machine got a "clean bill of health", I hope I can post this here....Terrorist, you mentioned "dumping System Restore". Out of curiosity (and still trying to learn about these idiot boxes) do you mean getting rid of System Restore, and if you do, why? I thought System Restore "was a good thing" (Gawd, I'm quoting Martha Stewart, I am soooo sorry)Thanks,Liz<{POST_SNAPBACK}>System restore is fine. What I'm doing is clearing all the old restore points where copies of the viruses and trojans I removed previous to posting the log are stored. Anti-virus and spyware programs can't remove the copies from System restore so it is best to disable it and reboot a couple of times then rescan. If your PC is still clean you turne System restore back on and create a new restore point. I will have to do this before installing SP2. Jeff has the links from Symantec up above that deals with this. Link to post Share on other sites
blim Posted September 11, 2005 Report Share Posted September 11, 2005 Ok, yep, I still need translations Thanks for explaining that. And with PG, so far, so good. Son is having a wonderful time re-discovering his games (when he's home for longer that 20 minutes--him being out the house is good, too )Liz Link to post Share on other sites
mlegg510 Posted September 13, 2005 Report Share Posted September 13, 2005 Hey TT I just was looking for some RAM through my pile o' stuff. I saw at Staples , I think, or one of those big retailers, in Sunday ads had 256 MB of PC133 for like $25 or so. It will help you run a bit faster.I have several older machines at the Chevy dealership w 256 all running OK.I will look to see if I have any spare sticks hanging around and I can send you one , pretty sure the dealership won't miss it. Besides I am the man in charge of all things tech there. Avast av is excellent, you will have good luck with it. I have it on about 30 PCs now. Link to post Share on other sites
Recommended Posts