Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HiJackThis Log


  • Please log in to reply

#1
nottoday

nottoday

    New Member

  • Member
  • Pip
  • 2 posts
I have a brand new hard drive (installed because I could not rid myself of Unknown Users on certain programs on the old drive) and reinstalled Windows XP from the original disk which came with the computer.
I have carefully followed all the steps that I can in your tutorial. Emphasis: this is a brand new hard drive and has never been connected to the internet.
The unknown users STILL SHOW on certain programs, and cannot be deleted. I installed AVG to scan and the unknown users installed itself onto that program as well. HELP!!!!!!
Looking for an opinion as to whether this computer is safe to continue to use or not.
Also any opinions on what is up with the unknown users.

HiJackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 4:39:55 PM, on 10/12/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\HijackThis1991\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe



Screenshot of Unknown User:
attached

Attached Thumbnails

  • ScreenShot002.jpg
  • ScreenShot007.jpg

  • 0

Advertisements


#2
therock247uk

therock247uk

    Expert

  • Expert
  • 14,672 posts
  • MVP
Just had someone try a new Microsoft Windows XP Home install and they have the same accounts so...

In Windows XP professional there is a user group known as 'Power Users' that have certain special permissions present that fit inbetween users and administrators. In Windows XP Professional, under the security tab, this shows up as 'Power Users' as expected. However, Windows XP Home does not have the 'Power Users' group as it lacks the security permission features that Windows XP Professional has.

However, these permissions do actually still exist, they are just not visible to the user in windows XP Home. However, as you have found, in safe mode, the security tab shows up. Because these permissions for the 'Power Users' group are set, but the Power Users group doesn ot exist in XP Home, it shows up as 'Account Unknown' because there is nothing corresponding to the ID for the power users group (S-1-5-32-547).

Suffice to say, this is normal behaviour and nothing to worry about. This occurs on every XP Home install, not just yours, and is normal and expected behaviour. The reason it appears as 'Account Unknown' rather than 'Power Users' is because 'Power Users' isn't defined on XP Home, however the permissions still are. Therefore, in this case, there is nothing to worry about


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP