Logfile of HijackThis v1.99.0
Scan saved at 9:17:33 PM, on 1/26/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\safe-share\SafeShare.exe
C:\WINDOWS\System32\cmpbk321.exe
C:\WINDOWS\system32\wsxsvc\wsxsvc.exe
C:\WINDOWS\system32\vmss\vmss.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ
Anti-Spam\QSP-2.1.212.0\QOELoader.exe
C:\Program Files\Microsoft Money\System\reminder.exe
C:\WINDOWS\system32\aaaeamci.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Greetings Workshop\GWREMIND.EXE
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\DAVID&~1\LOCALS~1\Temp\Temporary Directory 1 for
hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
file://C:\WINDOWS\system32\SearchBar.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.intellicast.com/Local/US...agery&product=RadarLoop&prodnav=none&pid=none
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common
Files\Roxio
Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD
Creator
6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD
Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [AoL] C:\documents and settings\david & mary\local
settings\temp\AoL.exe
O4 - HKLM\..\Run: [Unshare] C:\Program Files\safe-share\SafeShare.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Fqci] C:\documents and settings\david & mary\local
settings\temp\Fqci.exe
O4 - HKLM\..\Run: [f59eb0c159a7] C:\WINDOWS\System32\cmpbk321.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Dvx] C:\WINDOWS\system32\wsxsvc\wsxsvc.exe
O4 - HKLM\..\Run: [vmss] C:\WINDOWS\system32\vmss\vmss.exe
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust
EZ
Anti-Spam\QSP-2.1.212.0\QOELoader.exe"
O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft
Money\System\reminder.exe
O4 - HKCU\..\Run: [JBvFRRJqS] aaaeamci.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition]
"C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - Startup: Greetings Workshop Reminders.lnk = C:\Program
Files\Greetings
Workshop\GWREMIND.EXE
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft
Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft
Office\Office\OSA.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) -
http://www.blindsanddrapery.com/CFIDE/classes/CFJava.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) -
https://webresponse.one.microsoft.com/OAS/ActiveX/winrep.cab
O16 - DPF: {8A0DCBDA-6E20-489C-9041-C1E8A0352E75} -
http://download.getmirar.com/875457/files/installer.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) -
http://a19.g.akamai.net/7/19/7125/1435/ftp.coupons.com/v3122/cpbrkpie.cab
O23 - Service: .NET Framework Service - Unknown - C:\WINDOWS\svchost.exe
(file missing)
O23 - Service: CA ISafe - Computer Associates International, Inc. -
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service - Unknown - C:\Program
Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VET Message Service - Computer Associates International,
Inc.
- C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exe
Carey Holzman said:
Some other firewall is enabled or you have a bad cable or port.
Download HiJackThis from
http://www.spychecker.com/program/hijackthis.html
Run it on the PC that cannot be pinged and save the log file and copy and
paste it's contents in your reply.
Carey
The fire wall in XP is off.
:
Have you got the firewall turned on, on the XP box?
message
My home network with linksys router, XP desk top{Gateway} and WIN
2000
laptop
{ IBM T23}. Tried mapping the computers,. On XP, able to map, see,
and
ping
to the win 2000. On the win 2000 laptop, I can't ping or see the XP
machine?