|
|||||||
 |
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
04-21-2004, 07:56 AM
|
#1 |
|
Member (7 bit)
Join Date: Dec 2003
Location: Surrey,UK
Posts: 94
|
hpwinsv2.exe in windows xp
Hi, I just ran a virus scan on my computer and it deleted a few files that it found. However when I boot up the computer i get the error message saying that hpwinsv2.exe could not be found. Although this has not affected me greatly, it is really annoying and I c'ant find the file on my windows xp disc. Does anyone know how i could stop this message from coming up or find the file and put it back in the correct directory?
Thanks very much, Tom |
|
|
|
04-21-2004, 08:29 AM
|
#2 |
|
Member (8 bit)
Join Date: Oct 2001
Location: ottawa, ontario
Posts: 183
|
That filename sounds like it would from an printer HP....
|
|
|
|
|
04-21-2004, 10:22 AM
|
#3 | |
|
Member (6 bit)
Join Date: Nov 1999
Posts: 54
|
Re: hpwinsv2.exe in windows xp
Quote:
|
|
|
|
|
|
04-21-2004, 12:44 PM
|
#4 |
|
Member (7 bit)
Join Date: Dec 2003
Location: Surrey,UK
Posts: 94
|
Thanks very much but It can't be a printer because I have nothing to do with printers on this computer. Thanks red, that is why I thought it was strange becaus eI found nothing on the internet but it is definately the right file name. Thanks for the suggestions.
|
|
|
|
|
04-21-2004, 01:52 PM
|
#5 |
|
Member (10 bit)
Join Date: Mar 2004
Location: California
Posts: 936
|
theres nothing on google about that file either
Please do this. Click here: http://www.sherrylynn.us/HijackThis.exe to download Hijack This. Save it to it’s own folder (not temporary files or the desktop). Close all open windows and open HIJACK THIS. Click “Scan”. When the scan is finished (it only takes a second), the scan button will change to “Save Log”. Click on “Save Log” and save it to NotePad. Copy the entire log and paste it here. DO NOT FIX ANYTHING YET, most items that appear in the log are harmless or even needed. Wait for someone to analyze the scan and advise |
|
|
|
|
04-21-2004, 02:33 PM
|
#6 |
|
Member (7 bit)
Join Date: Dec 2003
Location: Surrey,UK
Posts: 94
|
thanks lobos here you go,
Logfile of HijackThis v1.97.7 Scan saved at 8:00:13 PM, on 4/21/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HHVcdV5Sys\VC5SecS.exe C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe C:\Program Files\BullGuard\vsserv.exe C:\WINDOWS\explorer.exe C:\Program Files\WinFast\WFTVFM\WFWIZ.exe C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe C:\Program Files\BullGuard\bdmcon.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\BullGuard\bdlite.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Toz\My Documents\New Folder\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file) F0 - system.ini: Shell=explorer.exe hpwinsv2.exe F2 - REG:system.ini: Shell=explorer.exe hpwinsv2.exe F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Core Library - {D4D505DF-D582-400c-91B6-84921012AFE3} - C:\WINDOWS\System32\pdfupd.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner\RivaTuner.exe" /S O4 - HKLM\..\Run: [VC5Player] C:\Program Files\HHVcdV5Sys\VC5Play.exe O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe O4 - HKLM\..\Run: [Popup Defence Updater] regsvr32 /s C:\WINDOWS\System32\pdfupd.dll O4 - HKLM\..\Run: [winsockdriver] hpwinsv2.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [svwin32] uninst32.exe O4 - HKLM\..\Run: [BGNewsAgent] C:\Program Files\BullGuard\bgnewsag.exe O4 - HKLM\..\RunServices: [svwin32] uninst32.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Ultimate Popup Blocker] C:\Program Files\Ultimate Software\Popup Blocker.exe O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/...ler/dwnldr.cab |
|
|
|
|
04-21-2004, 04:04 PM
|
#7 |
|
Member (10 bit)
Join Date: Mar 2004
Location: California
Posts: 936
|
Run an online antivirus check from at least one and preferably 2 of the following sites....
http://www.pandasoftware.com/activescan/ http://housecall.trendmicro.com/ http://www.ravantivirus.com/scan/ |
|
|
|
|
04-21-2004, 06:06 PM
|
#8 |
|
Forum Administrator
Staff
Premium Member
Join Date: May 2000
Location: Joplin MO
Posts: 37,794
|
Yep, I see quite a bit of suspicious stuff in that log, both viral and spyware related.
|
|
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
