Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1] 2  All   Go Down

Author Topic: Ms-dos window pops up every few seconds  (Read 19938 times)

0 Members and 1 Guest are viewing this topic.

mari08

    Topic Starter


    Rookie

    Ms-dos window pops up every few seconds
    « on: January 12, 2008, 05:38:07 PM »
    A command prompt window appears for a half of a second every 3 seconds - continuously. This happens for a few days and then stops to my relief but comes back again after some weeks. Restarting or scanning the computer for viruses don't seem too work.

    The command prompt window says "The syntax of the command is incorrect"  I was able to catch what it said when the computer froze. Anyway, I have an HP computer running Windows Vista. Help?
    Logged

    Broni


      Mastermind
    • Kraków my love :)
      • Thanked: 614
      • Computer Help Forum
    • Computer: Specs
    • Experience: Experienced
    • OS: Windows 8
    Re: Ms-dos window pops up every few seconds
    « Reply #1 on: January 12, 2008, 07:46:33 PM »
    Let's start with....

    1. Run free ESET Online Scanner at: http://www.eset.com/onlinescan/
    Note: This Scanner is for Internet Explorer Only
       1.  You will notice that the "Start" button is grayed out. Place a check mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it.
       2. If it wants to install an ActiveX component allow it
       3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation)
       4. Once ActiveX control is installed click on the "Start" button to initialize the scanner
       5. After initialization is complete uncheck\untick "Remove found threats"
       6. Check\tick "Scan unwanted applications"
       7. Click the "Scan" button
       8. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt
    Post ESET's log.

    2. Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    Print these instructions out.

        * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
        * An icon will be created on your desktop. Double-click that icon to launch the program.
        * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
        * Close SUPERAntiSpyware.

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

        * Open SUPERAntiSpyware.
        * Under "Configuration and Preferences", click the Preferences button.
        * Click the Scanning Control tab.
        * Under Scanner Options make sure the following are checked (leave all others unchecked):
              o Close browsers before scanning.
              o Scan for tracking cookies.
              o Terminate memory threats before quarantining.
        * Click the "Close" button to leave the control center screen.
        * Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
        * On the left, make sure you check C:\Fixed Drive.
        * On the right, under "Complete Scan", choose Perform Complete Scan.
        * Click "Next" to start the scan. Please be patient while it scans your computer.
        * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
        * Make sure everything has a checkmark next to it and click "Next".
        * A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
        * If asked if you want to reboot, click "Yes".
        * To retrieve the removal information after reboot, launch SUPERAntispyware again.
              o Click Preferences, then click the Statistics/Logs tab.
              o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
              o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
              o Please copy and paste the Scan Log results in your next reply with a new HijackThis log.
        * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    3. Download HijackThis:
    http://www.snapfiles.com/get/hijackthis.html
    Post HijackThis log.
    Logged

    mari08

      Topic Starter


      Rookie

      Re: Ms-dos window pops up every few seconds
      « Reply #2 on: January 13, 2008, 01:37:41 PM »
      Thanks for replying, here are the logs:

      This is the EST Scan log
      # version=4
      # OnlineScanner.ocx=1.0.0.56
      # OnlineScannerDLLA.dll=1, 0, 0, 51
      # OnlineScannerDLLW.dll=1, 0, 0, 51
      # OnlineScannerUninstaller.exe=1, 0, 0, 49
      # vers_standard_module=2787 (20080112)
      # vers_arch_module=1.061 (20080110)
      # vers_adv_heur_module=1.064 (20070717)
      # EOSSerial=1c3cb799e6bb3745a2ca4d4f6efdcf72
      # end=finished
      # remove_checked=false
      # unwanted_checked=true
      # utc_time=2008-01-13 10:27:51
      # local_time=2008-01-13 02:27:51 (-0800, Pacific Standard Time)
      # country="United States"
      # osver=6.0.6000 NT
      # scanned=917807
      # found=0
      # scan_time=25668


      SUPERAntiSpyware Scan Log
      http://www.superantispyware.com

      Generated 01/13/2008 at 12:11 PM

      Application Version : 3.9.1008

      Core Rules Database Version : 3379
      Trace Rules Database Version: 1373

      Scan type       : Complete Scan
      Total Scan Time : 02:08:04

      Memory items scanned      : 224
      Memory threats detected   : 0
      Registry items scanned    : 9042
      Registry threats detected : 0
      File items scanned        : 175867
      File threats detected     : 61

      Adware.Tracking Cookie
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@hitbox[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@2o7[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@questionmarket[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@adinterax[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@tribalfusion[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atwola[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@mediaplex[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@specificclick[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@advertising[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@adrevolver[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@doubleclick[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@2o7[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@adbrite[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@adinterax[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@adlegend[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@adrevolver[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@advertising[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@atdmt[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@atwola[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@casalemedia[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@doubleclick[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@fastclick[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@hitbox[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@mediaplex[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@questionmarket[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@realmedia[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@revsci[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@specificclick[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@statcounter[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@tacoda[1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@tradedoubler[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@trafficmp[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@tribalfusion[2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt
         C:\Users\owner\AppData\Roaming\Microsoft\Windows\Cookies\Low\owner@zedo[2].txt
         C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@2o7[1].txt



      Logged

      mari08

        Topic Starter


        Rookie

        Re: Ms-dos window pops up every few seconds
        « Reply #3 on: January 13, 2008, 01:38:24 PM »
        This the Hijackthis log:

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 12:31:55 PM, on 1/13/2008
        Platform: Windows Vista  (WinNT 6.00.1904)
        MSIE: Internet Explorer v7.00 (7.00.6000.16575)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\taskeng.exe
        C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\hp\support\hpsysdrv.exe
        C:\Windows\RtHDVCpl.exe
        C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
        C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
        C:\Program Files\Common Files\Real\Update_OB\realsched.exe
        C:\Program Files\QuickTime\QTTask.exe
        C:\Program Files\PowerISO\PWRISOVM.EXE
        C:\Windows\System32\rundll32.exe
        C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
        C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
        C:\Program Files\Windows Sidebar\sidebar.exe
        C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
        C:\Windows\ehome\ehtray.exe
        C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
        C:\Program Files\Windows Media Player\wmpnscfg.exe
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
        C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
        C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
        C:\Program Files\MagicDisc\MagicDisc.exe
        C:\Windows\System32\rundll32.exe
        C:\Windows\ehome\ehmsas.exe
        C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
        C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
        C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
        C:\hp\kbd\kbd.exe
        C:\Windows\system32\conime.exe
        C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Windows\system32\SearchFilterHost.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        O1 - Hosts: ::1 localhost
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
        O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
        O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
        O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
        O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

        « Last Edit: January 15, 2008, 12:18:54 AM by mari08 »
        Logged

        mari08

          Topic Starter


          Rookie

          Re: Ms-dos window pops up every few seconds
          « Reply #4 on: January 13, 2008, 01:38:37 PM »
          O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
          O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
          O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
          O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
          O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
          O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
          O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
          O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
          O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
          O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
          O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
          O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
          O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
          O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
          O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O13 - Gopher Prefix:
          O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab
          O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
          O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
          O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
          O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
          O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
          O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
          O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
          O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
          O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
          O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
          O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
          O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
          O23 - Service: SessionLauncher - Unknown owner - C:\Users\Owner\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)
          O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
          O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

          --
          End of file - 11200 bytes
          « Last Edit: January 13, 2008, 04:49:15 PM by mari08 »
          Logged

          Broni


            Mastermind
          • Kraków my love :)
            • Thanked: 614
            • Computer Help Forum
          • Computer: Specs
          • Experience: Experienced
          • OS: Windows 8
          Re: Ms-dos window pops up every few seconds
          « Reply #5 on: January 13, 2008, 08:35:03 PM »
          OK.
          Your log is fairly clean, but...
          I can't see any antivirus, nor firewall running. What's up with that?
          I can see some Norton leftovers, and other unnecessary startups, which we'll have to clean up, eventually.

          I'd like to also ask you to upload launcher.exe file, located in C:\WINDOWS\SMINST folder to http://virusscan.jotti.org/ for security check.
          Logged

          mari08

            Topic Starter


            Rookie

            Re: Ms-dos window pops up every few seconds
            « Reply #6 on: January 13, 2008, 11:22:26 PM »
            This scan found nothing. Anyway, the MS-DOS program no longer appears, though I am not sure if it is due to the programs that you recommended. The reason I say this is because it usually last a few days, then comes back few weeks later. Even though it stopped for now, I would like to know what is causing it and how to prevent it.
            Logged

            Broni


              Mastermind
            • Kraków my love :)
              • Thanked: 614
              • Computer Help Forum
            • Computer: Specs
            • Experience: Experienced
            • OS: Windows 8
            Re: Ms-dos window pops up every few seconds
            « Reply #7 on: January 14, 2008, 06:33:35 PM »
            Quote
            I can't see any antivirus, nor firewall running. What's up with that?
            Logged

            mari08

              Topic Starter


              Rookie

              Re: Ms-dos window pops up every few seconds
              « Reply #8 on: January 14, 2008, 10:14:24 PM »
              I have Windows OneCare running. Onecare provides both those services.
              Logged

              Broni


                Mastermind
              • Kraków my love :)
                • Thanked: 614
                • Computer Help Forum
              • Computer: Specs
              • Experience: Experienced
              • OS: Windows 8
              Re: Ms-dos window pops up every few seconds
              « Reply #9 on: January 14, 2008, 10:26:52 PM »
              OK, then. Let me check your HJT log again.
              Logged

              Broni


                Mastermind
              • Kraków my love :)
                • Thanked: 614
                • Computer Help Forum
              • Computer: Specs
              • Experience: Experienced
              • OS: Windows 8
              Re: Ms-dos window pops up every few seconds
              « Reply #10 on: January 14, 2008, 10:37:39 PM »
              1. Print this post out, since you won't have an access to it, at some point.

              2. Close all windows, except for HijackThis.

              3. Put a checkmark next to the following HijackThis entries:

              - O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

              - O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                 
              - O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

              - O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

              - O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

              - O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

              - O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

              - O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe


              4. Click on "Fix checked" button.

              5. Restart computer, and post new HJT log.
              Logged

              mari08

                Topic Starter


                Rookie

                Re: Ms-dos window pops up every few seconds
                « Reply #11 on: January 15, 2008, 12:17:46 AM »
                I got a blue screen of death after doing that, should I be concerned?  ???

                Anyway, here is the log:
                Logfile of Trend Micro HijackThis v2.0.2
                Scan saved at 11:12:31 PM, on 1/14/2008
                Platform: Windows Vista  (WinNT 6.00.1904)
                MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                Boot mode: Normal

                Running processes:
                C:\Windows\system32\taskeng.exe
                C:\Windows\system32\Dwm.exe
                C:\Windows\Explorer.EXE
                C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
                C:\hp\support\hpsysdrv.exe
                C:\Windows\RtHDVCpl.exe
                C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
                C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                C:\Program Files\QuickTime\QTTask.exe
                C:\Program Files\PowerISO\PWRISOVM.EXE
                C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
                C:\Windows\System32\rundll32.exe
                C:\Program Files\Windows Sidebar\sidebar.exe
                C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
                C:\Windows\ehome\ehtray.exe
                C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                C:\Program Files\Windows Media Player\wmpnscfg.exe
                C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
                C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
                C:\Windows\system32\wbem\unsecapp.exe
                C:\Windows\System32\rundll32.exe
                C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
                C:\Windows\ehome\ehmsas.exe
                C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
                C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
                C:\hp\kbd\kbd.exe
                C:\Windows\system32\conime.exe
                C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
                C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
                R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
                R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                O1 - Hosts: ::1 localhost
                O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
                O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
                O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
                O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
                O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
                O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
                O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
                O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
                O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
                O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
                O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
                O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
                O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
                O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
                O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
                O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
                O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

                Logged

                mari08

                  Topic Starter


                  Rookie

                  Re: Ms-dos window pops up every few seconds
                  « Reply #12 on: January 15, 2008, 12:17:58 AM »
                  O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                  O13 - Gopher Prefix:
                  O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab
                  O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
                  O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
                  O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
                  O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
                  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
                  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                  O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
                  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
                  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
                  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                  O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
                  O23 - Service: Roxio UPnP Renderer 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (file missing)
                  O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
                  O23 - Service: Roxio Upnp Server 9 - Unknown owner - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe (file missing)
                  O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
                  O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
                  O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
                  O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
                  O23 - Service: SessionLauncher - Unknown owner - C:\Users\OWner\AppData\Local\Temp\DX9\SessionLauncher.exe (file missing)
                  O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
                  O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
                  Logged

                  Broni


                    Mastermind
                  • Kraków my love :)
                    • Thanked: 614
                    • Computer Help Forum
                  • Computer: Specs
                  • Experience: Experienced
                  • OS: Windows 8
                  Re: Ms-dos window pops up every few seconds
                  « Reply #13 on: January 15, 2008, 06:34:55 PM »
                  Quote
                  I got a blue screen of death after doing that, should I be concerned?
                  If it happens again, write down the error message.

                  Now...
                  Go Start>Run, type in:
                  services.msc
                  Click OK.
                  Services window will open.
                  Find following three services:
                  - Symantec Lic NetConnect service
                  - LiveUpdate Notice Service Ex
                  - LiveUpdate Notice Service

                  In each case, right click on service, click Stop
                  Right click again, click Properties, and set it to Disable.

                  Restart computer. Post new HJT log.
                  Logged

                  mari08

                    Topic Starter


                    Rookie

                    Re: Ms-dos window pops up every few seconds
                    « Reply #14 on: January 15, 2008, 08:06:06 PM »
                    Only LiveUpdate Notice Service Ex had the option to be stopped, the other two appeared to be stopped.
                    On the properties, there is a disable option only on the "Log on" tab and I disabled the hardware profiles for all three services, is that right? Here is the new log -

                    Logfile of Trend Micro HijackThis v2.0.2
                    Scan saved at 6:54:10 PM, on 1/15/2008
                    Platform: Windows Vista  (WinNT 6.00.1904)
                    MSIE: Internet Explorer v7.00 (7.00.6000.16575)
                    Boot mode: Normal

                    Running processes:
                    C:\Windows\system32\Dwm.exe
                    C:\Windows\Explorer.EXE
                    C:\Windows\system32\taskeng.exe
                    C:\hp\support\hpsysdrv.exe
                    C:\Windows\RtHDVCpl.exe
                    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
                    C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
                    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
                    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
                    C:\Program Files\QuickTime\QTTask.exe
                    C:\Program Files\PowerISO\PWRISOVM.EXE
                    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
                    C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
                    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
                    C:\Windows\System32\rundll32.exe
                    C:\Program Files\Windows Sidebar\sidebar.exe
                    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
                    C:\Windows\ehome\ehtray.exe
                    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                    C:\Program Files\Windows Media Player\wmpnscfg.exe
                    C:\Windows\system32\wbem\unsecapp.exe
                    C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
                    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
                    C:\Program Files\MagicDisc\MagicDisc.exe
                    C:\Windows\System32\rundll32.exe
                    C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
                    C:\Windows\ehome\ehmsas.exe
                    C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
                    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
                    C:\hp\kbd\kbd.exe
                    C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
                    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
                    C:\Program Files\Microsoft Windows OneCare Live\GtCC.exe
                    C:\Program Files\Mozilla Firefox\firefox.exe

                    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
                    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
                    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
                    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
                    O1 - Hosts: ::1 localhost
                    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
                    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
                    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
                    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
                    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
                    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
                    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
                    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
                    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
                    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
                    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
                    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
                    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
                    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
                    O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
                    O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
                    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
                    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
                    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
                    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
                    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
                    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
                    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
                    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
                    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
                    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
                    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
                    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
                    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
                    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
                    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
                    O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
                    O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
                    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
                    O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
                    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
                    O13 - Gopher Prefix:
                    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-US/wlscctrl2.cab

                    Logged
                    Pages: [1] 2  All   Go Up
                    « previous next »