hpwsp_bho.dll

This came up as an add on problem and shuts down my browser. I ran hijackthis and it showed the following:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:48 AM, on 4/23/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Automatic Update\AutoUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdpserv.exe
C:\WINDOWS\system32\lxdpcoms.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lenovo\PM Driver\PMSveH.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Webshots\Webshots.scr
C:\Program Files\Automatic Update\AutoUpdateGUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Application Data\Amadeus\Viewer\Showcase.exe
C:\Program Files\Trams\CBPlus\CBPlus.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.32.0\MySpaceToolbar.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.32.0\MySpaceToolbar.dll

The rest of the logfile:

O4 - HKLM..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM..\Run: [DiskeeperSystray] “C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe”
O4 - HKLM..\Run: [cssauth] “C:\Program Files\Lenovo\Client Security Solution\cssauth.exe” silent
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM..\Run: [RoxWatchTray] “C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe”
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra ‘Tools’ menuitem: ThinkVantage Password Manager… - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://diagnostic.amadeus.com
O15 - Trusted Zone: .amadeus.com
O15 - Trusted Zone: .amadeus.net
O15 - Trusted Zone: http://
.amadeuscruise.com
O15 - Trusted Zone: .amadeuscruise.com
O15 - Trusted Zone: http://
.amadeuscruise.com
O15 - Trusted Zone: .amadeuscruise.net
O15 - Trusted Zone: http://
.amadeusferry.com
O15 - Trusted Zone: .amadeusferry.com
O15 - Trusted Zone: .amadeusproprinter.com
O15 - Trusted Zone: http://
.amadeusproweb.com
O15 - Trusted Zone: http://
.amadeusproweb.com
O15 - Trusted Zone: http://
.amadeusvista.com
O15 - Trusted Zone: .amadeusvista.com
O15 - Trusted Zone: http://
.amadeusvista.com
O15 - Trusted Zone: http://.amadeuscruise.com (HKLM)
O15 - Trusted Zone: http://
.amadeuscruise.com (HKLM)
O15 - Trusted Zone: http://.amadeusferry.com (HKLM)
O15 - Trusted Zone: http://
.amadeusproweb.com (HKLM)
O15 - Trusted Zone: http://.amadeusproweb.com (HKLM)
O15 - Trusted Zone: http://
.amadeusvista.com (HKLM)
O15 - Trusted Zone: http://*.amadeusvista.com (HKLM)
O16 - DPF: {051FE707-9706-11D5-A836-000102A7C938} (Amadeus Automatic Update) - http://amadeuscruise.com/AutomaticUpdate/AutoUpdateATL.CAB
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {0DA69429-A757-4D6F-A827-DB1AF052DDAF} (M6 - VA Launcher) - http://voice.consolidated.net/webportal/plugins/VA.cab
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3DB1664D-0C8F-449E-A909-83F0C39BBF43} (ShellFromSell.Shell) - http://www.aeuniversity.com/home/sellingplatform/ShellFromSell.CAB
O16 - DPF: {469C92F9-CA8E-4C3E-9AD4-F74EEF097BCA} (Amadeus DS Diagnostic Class) - http://diagnostic.amadeus.com/TravelAgencies/Cabs/DS_Diagnostic.cab
O16 - DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} (AxLoaderPassword Class) - http://www.blackberry.com/devicesoftware/AxLoader.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {5CCB8990-66EF-4466-B051-CD27FA3821DF} (AmadeusNA.Library) - http://extranets.us.amadeus.com/techservices/documents/SoftwareDistribution/Amadeus-CS-MIA/AmadeusCanadaLibrary/msi/V1.0.1/install.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229555700703
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229555692328
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} (YbUploadFavsCtl Class) - http://us.bookmarks.yahoo.com/YbConvFav.CAB
O16 - DPF: {CC49479E-93A8-455E-959A-C49BE895D87C} (M6 - VM Player Launcher) - http://voice.consolidated.net/webportal/plugins/VMPlayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://trams.webex.com/client/T26L/support/ieatgpc.cab
O16 - DPF: {E2E92FDA-7588-11D3-8F93-00008321C804} (MSIInspect.FileSystemObject) - http://amadeuscruise.com/common/cabs/MSIInspect.CAB
O16 - DPF: {E90EF4C9-1476-4C49-B926-97C7D9D30A06} (Certificates_Info Class) - http://certificates.amadeusvista.com/certificateinfo/CCCert_Info.CAB
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

And the rest again:

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Amadeus Automatic Update - Amadeus - C:\Program Files\Automatic Update\AutoUpdate.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdpCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdpserv.exe
O23 - Service: lxdp_device - - C:\WINDOWS\system32\lxdpcoms.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


End of file - 17963 bytes

:slight_smile: Hi :

This is the Avast Support Forums for those who use Avast ; looking through
the 3 “parts” of the HijackThis Log show NO entry for Avast, so WHY are you
asking for help on these forums ? In fact, I saw no antiVIRUS program listed
in the HijackThis log, which seems an unwise decision !?

Hi honeyalmasri

Just a survey of your active tasks
smss.exe

System task

Session Manager Subsystem
winlogon.exe

System task

Microsoft Windows Logon Process
services.exe

System task

Windows Service Controller
lsass.exe

System task

Local Security Authority Service
svchost.exe

System task

Microsoft Service Host Process
svchost.exe

System task

Microsoft Service Host Process
spoolsv.exe

System task

Microsoft Printer Spooler Service

IPSSVC.EXE

Lexmark printer associated

Backgroundtask
ACService.exe

Backgroundtask

ArcSoft Connect Service
AcPrfMgrSvc.exe

Backgroundtask

Ac Profile Manager Service
AutoUpdate.exe

Backgroundtask

Additional item added to start-ups after AT&T took over the now bankrupt Excite@home high-speed internet service.
AppleMobileDeviceService.exe

Backgroundtask

Apple Mobile Device Service
BcmSqlStartupSvc.exe

Application

BcmSqlStartupSvc
mDNSResponder.exe

Backgroudtask

Bonjour for Windows Component
DkService.exe

Backgroundtask

Executive Software

FNF5SVC.exe

It is a Verisign signed file. The file is digitally signed. The file is not a Windows core file. Therefore the technical security rating is 22% dangerous, however also read the users reviews.
Unknown task - could upload it to virustotal.com for report there…

Unknown task
svchost.exe

System task

Microsoft Service Host Process
svchost.exe

System task

Microsoft Service Host Process
iviRegMgr.exe

Backgroundtask

RegMgr Module
jqs.exe

Backgroundtask

jqs.exe

lxdpserv.exe

Printer related

Backgroundtask

lxdpcoms.exe

Printer related

Backgroundtask
svchost.exe

System task

Microsoft Service Host Process
svchost.exe

System task

Microsoft Service Host Process

PMSveH.exe

Backgroundtask lenovo PM driver

Backgroundtask
PSIService.exe

Achtergrondtaak

Protexis Copy Protection and License Management So
PSIService.exe

Backgroundtask

Protexis Copy Protection and License Management So

RoxioUpnpService9.exe

Backgroundtask

Backgroundtask
sqlwriter.exe

Backgroundtask

Microsoft SQL Server
svchost.exe

System task

Microsoft Service Host Process
tvt_reg_monitor_svc.exe

Backgroundtask

ThinkVantage Registry Monitor Service Module
rrpservice.exe

Backgroundtask

Recovery Module
rrservice.exe

Backgroundtask

IBM ThinkVantage Rescue and Recovery
tvtsched.exe

Backgroundtask

IBM ThinkVantage Scheduler
ViewpointService.exe

Backgroundtask

View Manager Service

YahooAUService.exe

Backgroundtask

Backgroundtask
AcSvc.exe

Backgroundtask Lenovo ThinkPad related

Access Connections Main Service
nmsrvc.exe

Backgroundtask

Pure Networks Network Magic
logmon.exe

Backgroundtask

logmon
suservice.exe The program has no visible window. SUService.exe is not a Windows system file. The process can be removed using the control panel Add\Remove programs applet. There is no description of the program. SUService.exe seems to be a compressed file. Therefore the technical security rating is 40% dangerous, however also read the users reviews. Check at virustotal.com for report

Virusscan

McAfee Streaming Update Service
Explorer.EXE

System task

Microsoft Windows Explorer

PMHandler.exe PMHandler.exe is able to record inputs. Therefore the technical security rating is 32% dangerous, however also read the users reviews. Could check at virustotal.com

Backgroundtask

Backgroundtask
TPFNF7SP.exe Part of Lenovo

Backgroundtask

TPFNF7SP.exe

TpWAudAp.exe

Backgroundtask

Backgroundtask
AGRSMMSG.exe

System task

IBM AMR modem driver
igfxtray.exe

Application

Intel Graphics configuration and diagnostic application
DkIcon.exe

Backgroundtask

DisKeeper defragmentation software
hkcmd.exe

Application

Intel multimedia devices
igfxpers.exe

Driver

Intel Common User Interface Module
scheduler_proxy.exe

Backgroundtask

scheduler_proxy Application
igfxsrvc.exe Intel graphics card related

Driver

Intel(R) Common User Interface
LPMGR.exe

Backgroundtask

ThinkVantage Productivity Center Manager
cssauth.exe

Backgroundtask

Client Security Solution
ACDaemon.exe

Kodak related

Arcsoft freeware

tvtpwm_tray.exe

Backgroundtask

Onbekende taak
iTunesHelper.exe

Application

Apple Itunes
SUPERAntiSpyware.exe

Anti Add/Spyware software

SUPERAntiSpyware
ctfmon.exe

System task

Alternative User Input Services
WMPNSCFG.exe

Backgroundtask

Windows Media Player Network Sharing Service Confi
Webshots.scr

Backgroundtask

Webshots Desktop Image Downloader

AutoUpdateGUI.exe

Backgroundtask

Backgroundtask
iPodService.exe

Backgroundtask

Apple iTunes
RoxMediaDB9.exe

Backgroundtask

Roxio Easy Media Creator Module
SvcGuiHlpr.exe

Backgroundtask

ThinkVantage Access Connections Service GUI Helper
iexplore.exe

Application

Microsoft Internet Explorer

Showcase.exe

Backgroundtask

Backgroundtask

CBPlus.exe

Backgroundtask

Backgroundtask
msnmsgr.exe

Application

MSN Messenger
msnmsgr.exe

Application

Messenger
usnsvc.exe

Application

Messenger Sharing USN Journal Reader Service
HijackThis.exe

Application

Hijackthis 2.0.2

I see no direct logfile txt related threats, but there is no active software fw installed. Is your resident av solution MacAfee, and is that updated and patched,

polonus