Topics - ummzee

1
Site Feedback / What is going on with the forums - What did I miss?
« on: September 13, 2018, 02:45:26 PM »

I have been away and my computer is acting up. I have been trying to get into the Tech Clinic forum, with no success. The reply dates are old. What is happening? I saw a note somewhere that says we cannot post anything after tomorrow and about 9:30 am. What did I miss?

Thanks



2
Tech Clinic / Computer Locking, freezing and often Not responding
« on: September 13, 2018, 08:45:37 AM »
HELP!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.09.2018

Ran by Fatima (administrator) on FATIMA-PC (13-09-2018 09:15:27)

Running from C:\Users\Fatima\Downloads

Loaded Profiles: Fatima (Available Profiles: Fatima & Mcx1-FATIMA-PC)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Two Pilots) C:\Windows\VPDAgent_x64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe

(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

() C:\Program Files\Google\Drive\googledrivesync.exe

(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe

(Dropbox, Inc.) C:\Users\Fatima\AppData\Roaming\Dropbox\bin\Dropbox.exe

() C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

(Motorola) C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Dropbox, Inc.) C:\Users\Fatima\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Dropbox, Inc.) C:\Users\Fatima\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\nortonsecurity.exe

(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe

(O2Micro International) C:\Windows\System32\drivers\o2flash.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\nortonsecurity.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe

(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe

(Novatel Wireless Inc.) C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

() C:\Program Files\Google\Drive\googledrivesync.exe

(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-11-12] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-13] (Realtek Semiconductor)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2009-09-21] (Intel(R) Corporation)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)

HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [VMM Mode Selection] => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [83448 2013-05-02] ()

HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [47432 2013-08-15] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [31048 2013-08-15] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\Run: [Google Update] => C:\Users\Fatima\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-18] (Google Inc.)

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281248 2018-05-30] ()

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\MountPoints2: {06cd299e-10dd-11e0-88ad-f04da257da3c} - E:\setup.exe -a

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\MountPoints2: {08eb830e-64d5-11e2-9207-f04da257da3c} - E:\TL-Bootstrap.exe

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\MountPoints2: {0c5b8ee4-7adb-11e3-ba0e-f04da257da3c} - E:\VZW_Software_upgrade_assistant.exe

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\...\MountPoints2: {84ac383a-68ce-11e4-b6d9-f04da257da3c} - E:\TL-Bootstrap.exe

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)

HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2015-04-14]

ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-09-11]

ShortcutTarget: Dropbox.lnk -> C:\Users\Fatima\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Fatima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.6.lnk [2018-01-17]

ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

Startup: C:\Users\Mcx1-FATIMA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-11-13]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\..\Interfaces\{0054C452-8CDD-4E7D-AAE8-8D84E725FA99}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:

==================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl

HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1

SearchScopes: HKLM -> {B0BFDAA2-3B59-4207-BC58-757731EB6BB8} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=DLCDF8&amp;pc=MDDC&amp;src=IE-SearchBox

SearchScopes: HKLM-x32 -> {84F18B67-49B4-480E-AAB9-1A8898F5CEC8} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=DLCDF8&amp;pc=MDDC&amp;src=IE-SearchBox

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {A98EC5E3-2197-4056-8F5D-81F7227F1A85} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle

SearchScopes: HKU\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=1122&geo=US&ver=22.15.0.88&locale=en_US&guid=FF9C286D-3A2B-11E0-856B-F04DA257DA3C&doi=2016-09-01&gct=kwd&qsrc=2869

SearchScopes: HKU\S-1-5-21-3410903177-2367560781-3634912286-1001 -> {CA1E38D1-AFC7-4C63-8210-7925E82FB029} URL = hxxp://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120519,17118,0,18,0

BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2011-11-08] (TechSmith Corporation)

BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2011-11-08] (TechSmith Corporation)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)

BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)

BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-01] (Oracle Corporation)

Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2011-11-08] (TechSmith Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)

Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2011-11-08] (TechSmith Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)

Toolbar: HKU\S-1-5-21-3410903177-2367560781-3634912286-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\coIEPlg.dll [2018-08-05] (Symantec Corporation)

DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab

DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab

DPF: HKLM-x32 {42D683F7-9C1B-11D7-A860-005056C00001} hxxp://1973-phmc.org/tprdpenn.cab

DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab

DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab

DPF: HKLM-x32 {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB

DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:

========

FF DefaultProfile: j0d8ivs7.default-1500893193942

FF ProfilePath: C:\Users\Fatima\AppData\Roaming\Mozilla\Firefox\Profiles\j0d8ivs7.default-1500893193942 [2018-09-13]

FF Homepage: Mozilla\Firefox\Profiles\j0d8ivs7.default-1500893193942 -> hxxps://www.google.com/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-11] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)

FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-11] ()

FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-01] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll [2011-04-01] (Microsoft Corp)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)

FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)

FF Plugin HKU\S-1-5-21-3410903177-2367560781-3634912286-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Fatima\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-3410903177-2367560781-3634912286-1001: @talk.google.com/O1DPlugin -> C:\Users\Fatima\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-3410903177-2367560781-3634912286-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Fatima\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin HKU\S-1-5-21-3410903177-2367560781-3634912286-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Fatima\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2017-01-05] (Cisco WebEx LLC)

FF Plugin ProgramFiles/Appdata: C:\Users\Fatima\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-01-05] (Cisco WebEx LLC)

FF Plugin ProgramFiles/Appdata: C:\Users\Fatima\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Fatima\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxp://www.microsoftvirtualacademy.com/training-courses/html5-css3-fundamentals-development-for-absolute-beginners#?fbid=JquC4UGMzCZ

CHR StartupUrls: Default -> "hxxps://www.udemy.com/discover/","hxxp://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtByDyB0D0AtA0Czyzy0AzztN0D0Tzu0CyByDtCtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=1369991128&ir=","hxxp://www.msn.com/?pc=U146&ocid=U146DHP"

CHR NewTab: Default ->  Not-active:"chrome-extension://aoeapomnofcbnaoahibkibpcihkgdomm/newtabproduct.html"

CHR Session Restore: Default -> is enabled.

CHR Profile: C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default [2018-09-13]

CHR Extension: (YourTemplateFinder ) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoeapomnofcbnaoahibkibpcihkgdomm [2018-08-22]

CHR Extension: (Google Drive) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]

CHR Extension: (YouTube) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-25]

CHR Extension: (Norton Security Toolbar) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-08-22]

CHR Extension: (Google Search) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]

CHR Extension: (Adobe Acrobat) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]

CHR Extension: (Google Docs Offline) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]

CHR Extension: (Norton Safe) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2018-07-26]

CHR Extension: (Yahoo Partner) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\hikeppggmbhdgodhakicedaejpleoigm [2018-05-04]

CHR Extension: (Cisco Webex Extension) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-07]

CHR Extension: (Skype) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-17]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-01]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Search Encrypt) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\onnfpbhkkijcalpbgblhjihnehkhdghg [2018-04-26]

CHR Extension: (Gmail) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

CHR Extension: (Chrome Media Router) - C:\Users\Fatima\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-02]

CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\Exts\Chrome.crx <not found>

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Fatima\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]

CHR HKU\S-1-5-21-3410903177-2367560781-3634912286-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\Exts\Chrome.crx <not found>

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)

R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed]

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]

R2 CronService; c:\Windows\Prey\wpxsvc.exe [611854 2015-10-09] (Fork, Ltd.) [File not signed]

R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)

R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)

R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)

S2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1111\DSAPI.exe [930112 2018-05-16] (PC-Doctor, Inc.)

R2 DLPWD; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [155496 2012-09-26] (Dell Inc.)

R2 DLSDB; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [343400 2012-09-26] (Dell Inc.)

S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)

R2 MotoConnect Service; C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [91456 2010-04-29] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2009-09-21] ()

R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [25600 2015-01-16] (The Neat Company) [File not signed]

R2 NortonSecurity; C:\Program Files (x86)\Norton Security Suite\Engine\22.15.0.88\NortonSecurity.exe [328648 2018-08-05] (Symantec Corporation)

R2 NWVZHelper; C:\Program Files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [270848 2010-06-14] (Novatel Wireless Inc.) [File not signed]

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]

R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145736 2013-08-15] (Nuance Communications, Inc.)

R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)

R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [43480 2018-05-11] (Dell Inc.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)

R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]

R2 VZWConfigService; C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe [218160 2012-04-16] (Novatel Wireless Inc.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 BHDrvx64; C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.10.0.85\\Definitions\\BASHDefs\\20180910.001\\BHDrvx64.sys [1919568 2018-06-22] (Symantec Corporation)

S3 BrSerIf; C:\\Windows\\System32\\DRIVERS\\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 ccSet_NGC; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\ccSetx64.sys [187464 2018-08-05] (Symantec Corporation)

R3 DDDriver; C:\\Windows\\System32\\drivers\\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)

R3 DellProf; C:\\Windows\\System32\\drivers\\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)

S3 dg_ssudbus; C:\\Windows\\System32\\DRIVERS\\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)

R1 eeCtrl; C:\\Program Files (x86)\\Common Files\\Symantec Shared\\EENGINE\\eeCtrl64.sys [507984 2018-09-03] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\\Program Files (x86)\\Common Files\\Symantec Shared\\EENGINE\\EraserUtilRebootDrv.sys [153168 2018-03-24] (Symantec Corporation)

R1 IDSVia64; C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.10.0.85\\Definitions\\IPSDefs\\20180912.061\\IDSvia64.sys [1306592 2018-08-13] (Symantec Corporation)

S4 LMIRfsClientNP; no ImagePath

S3 NWUSBModem_001; C:\\Windows\\System32\\DRIVERS\\nwusbmdm_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 NWUSBPort2_001; C:\\Windows\\System32\\DRIVERS\\nwusbser2_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 NWUSBPort_001; C:\\Windows\\System32\\DRIVERS\\nwusbser_001.sys [217856 2012-05-03] (Novatel Wireless Inc.)

S3 nwvzwmbnet_001; C:\\Windows\\System32\\DRIVERS\\nwvzwmbnet_001.sys [334848 2012-05-03] (Novatel Wireless Inc.)

R3 SRTSP; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\SRTSP64.SYS [846928 2018-08-05] (Symantec Corporation)

R1 SRTSPX; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\SRTSPX64.SYS [49744 2018-08-05] (Symantec Corporation)

S3 ssudmdm; C:\\Windows\\System32\\DRIVERS\\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 swmsflt; C:\\Windows\\System32\\drivers\\swmsflt.sys [27912 2007-08-10] ()

R3 swmsflt; C:\\Windows\\SysWOW64\\drivers\\swmsflt.sys [27912 2007-08-10] ()

S3 SWMX00; C:\\Windows\\System32\\DRIVERS\\swmx00.sys [89216 2007-06-27] (Sierra Wireless Inc.) [File not signed]

S3 SWNC5E00; C:\\Windows\\System32\\DRIVERS\\SWNC5E00.sys [114688 2007-06-27] (Sierra Wireless Inc.) [File not signed]

R0 SymEFASI; C:\\Windows\\System32\\drivers\\NGCx64\\160F000.058\\SYMEFASI64.SYS [1968720 2018-08-05] (Symantec Corporation)

R3 SymEvent; C:\\Windows\\system32\\Drivers\\SYMEVENT64x86.SYS [99920 2018-06-14] (Symantec Corporation)

R1 SymIRON; C:\\Windows\\system32\\drivers\\NGCx64\\160F000.058\\Ironx64.SYS [307792 2018-08-05] (Symantec Corporation)

R1 SymNetS; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\SYMNETS.SYS [566912 2018-08-05] (Symantec Corporation)

S3 wpCtrlDrv_NGC; C:\\Windows\\System32\\Drivers\\NGCx64\\160F000.058\\wpCtrlDrv.sys [1002840 2018-08-05] (Symantec Corporation)

S3 BCM43XX; system32\\DRIVERS\\bcmwl664.sys [X]

S2 LMIInfo; \\??\\C:\\Program Files (x86)\\LogMeIn\\x64\\RaInfo.sys [X]

S3 NAVENG; \\??\\C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.5.2.15\\Definitions\\SDSDefs\\20170513.001\\NAVENG.SYS [X]

S3 NAVEX15; \\??\\C:\\Program Files (x86)\\Norton Security Suite\\NortonData\\22.5.2.15\\Definitions\\SDSDefs\\20170513.001\\NAVEX15.SYS [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2018-09-13 09:10 - 2018-09-13 09:16 - 000036054 _____ C:\\Users\\Fatima\\Downloads\\FRST.txt

2018-09-13 09:06 - 2018-09-13 09:06 - 002413568 _____ (Farbar) C:\\Users\\Fatima\\Downloads\\FRST64.exe

2018-09-13 09:04 - 2018-09-13 09:04 - 000000000 ____D C:\\Windows\\System32\\Tasks\\Remediation

2018-09-12 22:24 - 2018-09-12 22:24 - 000000000 ____D C:\\Users\\Fatima\\Downloads\\New folder (2)

2018-09-12 21:22 - 2018-09-12 21:25 - 000000000 ____D C:\\Users\\Fatima\\receipts

2018-09-12 18:54 - 2018-09-12 18:54 - 000011855 _____ C:\\Users\\Fatima\\Desktop\\Janazah Supplies.xlsx

2018-09-12 18:46 - 2018-09-12 18:46 - 000012295 _____ C:\\Users\\Fatima\\Documents\\Janazah Supplies2.xlsx

2018-09-12 12:51 - 2018-09-12 18:52 - 000011854 _____ C:\\Users\\Fatima\\Documents\\Janazah Supplies.xlsx

2018-09-11 19:05 - 2018-08-31 11:08 - 001311744 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msjet40.dll

2018-09-11 19:05 - 2018-08-31 11:08 - 000340480 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msexcl40.dll

2018-09-11 19:05 - 2018-08-29 21:47 - 001230848 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\WindowsCodecs.dll

2018-09-11 19:05 - 2018-08-29 21:10 - 001424896 _____ (Microsoft Corporation) C:\\Windows\\system32\\WindowsCodecs.dll

2018-09-11 19:05 - 2018-08-28 01:50 - 000243200 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ks.sys

2018-09-11 19:05 - 2018-08-24 15:47 - 000398424 _____ (Microsoft Corporation) C:\\Windows\\system32\\iedkcs32.dll

2018-09-11 19:05 - 2018-08-24 14:47 - 000350296 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iedkcs32.dll

2018-09-11 19:05 - 2018-08-23 19:05 - 025736704 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.dll

2018-09-11 19:05 - 2018-08-23 18:34 - 005779456 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9.dll

2018-09-11 19:05 - 2018-08-23 18:27 - 000969216 _____ (Microsoft Corporation) C:\\Windows\\system32\\MsSpellCheckingFacility.exe

2018-09-11 19:05 - 2018-08-23 17:40 - 001555456 _____ (Microsoft Corporation) C:\\Windows\\system32\\urlmon.dll

2018-09-11 19:05 - 2018-08-23 17:27 - 020279296 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.dll

2018-09-11 19:05 - 2018-08-23 17:06 - 000662016 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript.dll

2018-09-11 19:05 - 2018-08-23 16:51 - 004494848 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9.dll

2018-09-11 19:05 - 2018-08-23 16:27 - 001329664 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\urlmon.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 014183936 _____ (Microsoft Corporation) C:\\Windows\\system32\\shell32.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 002004480 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml6.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 001888768 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml3.dll

2018-09-11 19:05 - 2018-08-13 11:54 - 000056832 _____ (Microsoft Corporation) C:\\Windows\\system32\\mf3216.dll

2018-09-11 19:05 - 2018-08-13 11:53 - 000405504 _____ (Microsoft Corporation) C:\\Windows\\system32\\gdi32.dll

2018-09-11 19:05 - 2018-08-13 11:41 - 000313344 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\gdi32.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 012880896 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\shell32.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 001390080 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml6.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 001241088 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml3.dll

2018-09-11 19:05 - 2018-08-13 11:40 - 000043008 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mf3216.dll

2018-09-11 19:05 - 2018-08-12 16:32 - 000378464 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\netio.sys

2018-09-11 19:05 - 2018-08-12 16:31 - 001894496 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\tcpip.sys

2018-09-11 19:05 - 2018-08-12 16:31 - 000289376 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\FWPKCLNT.SYS

2018-09-11 19:05 - 2018-08-10 11:59 - 005552816 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntoskrnl.exe

2018-09-11 19:05 - 2018-08-10 11:59 - 000154800 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecpkg.sys

2018-09-11 19:05 - 2018-08-10 11:58 - 000385120 _____ (Adobe Systems Incorporated) C:\\Windows\\system32\\atmfd.dll

2018-09-11 19:05 - 2018-08-10 11:58 - 000263776 _____ (Microsoft Corporation) C:\\Windows\\system32\\hal.dll

2018-09-11 19:05 - 2018-08-10 11:58 - 000096864 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\ksecdd.sys

2018-09-11 19:05 - 2018-08-10 11:57 - 000708272 _____ (Microsoft Corporation) C:\\Windows\\system32\\winload.efi

2018-09-11 19:05 - 2018-08-10 11:57 - 000631624 _____ (Microsoft Corporation) C:\\Windows\\system32\\winresume.efi

2018-09-11 19:05 - 2018-08-10 11:56 - 001664296 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntdll.dll

2018-09-11 19:05 - 2018-08-10 11:55 - 000152064 _____ (Microsoft Corporation) C:\\Windows\\system32\\t2embed.dll

2018-09-11 19:05 - 2018-08-10 11:54 - 001211904 _____ (Microsoft Corporation) C:\\Windows\\system32\\rpcrt4.dll

2018-09-11 19:05 - 2018-08-10 11:53 - 000463872 _____ (Microsoft Corporation) C:\\Windows\\system32\\certcli.dll

2018-09-11 19:05 - 2018-08-10 11:45 - 004054192 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntkrnlpa.exe

2018-09-11 19:05 - 2018-08-10 11:45 - 000309424 _____ (Adobe Systems Incorporated) C:\\Windows\\SysWOW64\\atmfd.dll

2018-09-11 19:05 - 2018-08-10 11:44 - 003961440 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntoskrnl.exe

2018-09-11 19:05 - 2018-08-10 11:42 - 001315512 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ntdll.dll

2018-09-11 19:05 - 2018-08-10 11:41 - 000111616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\t2embed.dll

2018-09-11 19:05 - 2018-08-10 11:40 - 000342528 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\certcli.dll

2018-09-11 19:05 - 2018-08-10 11:27 - 000077312 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\mpsdrv.sys

2018-09-11 19:05 - 2018-08-10 11:17 - 000338432 _____ (Microsoft Corporation) C:\\Windows\\system32\\conhost.exe

2018-09-11 19:05 - 2018-08-10 11:17 - 000296960 _____ (Microsoft Corporation) C:\\Windows\\system32\\rstrui.exe

2018-09-11 19:05 - 2018-08-10 11:13 - 000129536 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\mrxsmb20.sys

2018-09-11 19:05 - 2018-07-29 11:55 - 001110528 _____ (Microsoft Corporation) C:\\Windows\\system32\\schedsvc.dll

2018-09-11 19:05 - 2018-07-18 11:18 - 000090112 _____ (Microsoft Corporation) C:\\Windows\\system32\\Drivers\\bowser.sys

2018-09-11 19:04 - 2018-08-23 18:56 - 002724864 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtml.tlb

2018-09-11 19:04 - 2018-08-23 18:56 - 000004096 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollectorres.dll

2018-09-11 19:04 - 2018-08-23 18:45 - 002902016 _____ (Microsoft Corporation) C:\\Windows\\system32\\iertutil.dll

2018-09-11 19:04 - 2018-08-23 18:44 - 000066560 _____ (Microsoft Corporation) C:\\Windows\\system32\\iesetup.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000576512 _____ (Microsoft Corporation) C:\\Windows\\system32\\vbscript.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000417280 _____ (Microsoft Corporation) C:\\Windows\\system32\\html.iec

2018-09-11 19:04 - 2018-08-23 18:43 - 000088064 _____ (Microsoft Corporation) C:\\Windows\\system32\\MshtmlDac.dll

2018-09-11 19:04 - 2018-08-23 18:43 - 000048640 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwproxystub.dll

2018-09-11 19:04 - 2018-08-23 18:37 - 000054784 _____ (Microsoft Corporation) C:\\Windows\\system32\\jsproxy.dll

2018-09-11 19:04 - 2018-08-23 18:36 - 000034304 _____ (Microsoft Corporation) C:\\Windows\\system32\\iernonce.dll

2018-09-11 19:04 - 2018-08-23 18:34 - 000615936 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieui.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000814080 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript9diag.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000794624 _____ (Microsoft Corporation) C:\\Windows\\system32\\jscript.dll

2018-09-11 19:04 - 2018-08-23 18:33 - 000144384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieUnatt.exe

2018-09-11 19:04 - 2018-08-23 18:33 - 000116224 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieetwcollector.exe

2018-09-11 19:04 - 2018-08-23 18:24 - 000489984 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtmsft.dll

2018-09-11 19:04 - 2018-08-23 18:19 - 000077824 _____ (Microsoft Corporation) C:\\Windows\\system32\\JavaScriptCollectionAgent.dll

2018-09-11 19:04 - 2018-08-23 18:18 - 000087552 _____ (Microsoft Corporation) C:\\Windows\\system32\\tdc.ocx

2018-09-11 19:04 - 2018-08-23 18:17 - 000107520 _____ (Microsoft Corporation) C:\\Windows\\system32\\inseng.dll

2018-09-11 19:04 - 2018-08-23 18:15 - 000199680 _____ (Microsoft Corporation) C:\\Windows\\system32\\msrating.dll

2018-09-11 19:04 - 2018-08-23 18:15 - 000092160 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmled.dll

2018-09-11 19:04 - 2018-08-23 18:13 - 000315392 _____ (Microsoft Corporation) C:\\Windows\\system32\\dxtrans.dll

2018-09-11 19:04 - 2018-08-23 18:12 - 000152064 _____ (Microsoft Corporation) C:\\Windows\\system32\\occache.dll

2018-09-11 19:04 - 2018-08-23 18:03 - 000262144 _____ (Microsoft Corporation) C:\\Windows\\system32\\webcheck.dll

2018-09-11 19:04 - 2018-08-23 18:01 - 000809472 _____ (Microsoft Corporation) C:\\Windows\\system32\\msfeeds.dll

2018-09-11 19:04 - 2018-08-23 18:01 - 000728064 _____ (Microsoft Corporation) C:\\Windows\\system32\\ie4uinit.exe

2018-09-11 19:04 - 2018-08-23 18:00 - 015283712 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieframe.dll

2018-09-11 19:04 - 2018-08-23 17:59 - 002136064 _____ (Microsoft Corporation) C:\\Windows\\system32\\inetcpl.cpl

2018-09-11 19:04 - 2018-08-23 17:59 - 001359360 _____ (Microsoft Corporation) C:\\Windows\\system32\\mshtmlmedia.dll

2018-09-11 19:04 - 2018-08-23 17:52 - 004510720 _____ (Microsoft Corporation) C:\\Windows\\system32\\wininet.dll

2018-09-11 19:04 - 2018-08-23 17:28 - 000800768 _____ (Microsoft Corporation) C:\\Windows\\system32\\ieapfltr.dll

2018-09-11 19:04 - 2018-08-23 17:25 - 002724864 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtml.tlb

2018-09-11 19:04 - 2018-08-23 17:15 - 000497664 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\vbscript.dll

2018-09-11 19:04 - 2018-08-23 17:14 - 000341504 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\html.iec

2018-09-11 19:04 - 2018-08-23 17:14 - 000062464 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iesetup.dll

2018-09-11 19:04 - 2018-08-23 17:14 - 000047616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieetwproxystub.dll

2018-09-11 19:04 - 2018-08-23 17:13 - 000064000 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\MshtmlDac.dll

2018-09-11 19:04 - 2018-08-23 17:12 - 002295808 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iertutil.dll

2018-09-11 19:04 - 2018-08-23 17:09 - 000047104 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jsproxy.dll

2018-09-11 19:04 - 2018-08-23 17:09 - 000030720 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\iernonce.dll

2018-09-11 19:04 - 2018-08-23 17:07 - 000476160 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieui.dll

2018-09-11 19:04 - 2018-08-23 17:06 - 000620032 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\jscript9diag.dll

2018-09-11 19:04 - 2018-08-23 17:06 - 000115712 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieUnatt.exe

2018-09-11 19:04 - 2018-08-23 17:00 - 000416256 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtmsft.dll

2018-09-11 19:04 - 2018-08-23 16:56 - 000073216 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\tdc.ocx

2018-09-11 19:04 - 2018-08-23 16:56 - 000060416 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\JavaScriptCollectionAgent.dll

2018-09-11 19:04 - 2018-08-23 16:55 - 000091136 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\inseng.dll

2018-09-11 19:04 - 2018-08-23 16:54 - 000168960 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msrating.dll

2018-09-11 19:04 - 2018-08-23 16:53 - 000076288 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmled.dll

2018-09-11 19:04 - 2018-08-23 16:52 - 000279040 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\dxtrans.dll

2018-09-11 19:04 - 2018-08-23 16:51 - 000130048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\occache.dll

2018-09-11 19:04 - 2018-08-23 16:48 - 013679616 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieframe.dll

2018-09-11 19:04 - 2018-08-23 16:46 - 000230400 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\webcheck.dll

2018-09-11 19:04 - 2018-08-23 16:44 - 002059776 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\inetcpl.cpl

2018-09-11 19:04 - 2018-08-23 16:44 - 001155072 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\mshtmlmedia.dll

2018-09-11 19:04 - 2018-08-23 16:44 - 000696320 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msfeeds.dll

2018-09-11 19:04 - 2018-08-23 16:30 - 004037632 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\wininet.dll

2018-09-11 19:04 - 2018-08-23 16:24 - 000710144 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ieapfltr.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000008192 _____ (Microsoft Corporation) C:\\Windows\\system32\\msimg32.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml6r.dll

2018-09-11 19:04 - 2018-08-13 11:54 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\system32\\msxml3r.dll

2018-09-11 19:04 - 2018-08-13 11:53 - 001867776 _____ (Microsoft Corporation) C:\\Windows\\system32\\ExplorerFrame.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 001499648 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\ExplorerFrame.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000004608 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msimg32.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml6r.dll

2018-09-11 19:04 - 2018-08-13 11:40 - 000002048 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\msxml3r.dll

2018-09-11 19:04 - 2018-08-12 16:28 - 000018944 _____ (Microsoft Corporation) C:\\Windows\\system32\\netevent.dll

2018-09-11 19:04 - 2018-08-12 16:14 - 000018944 _____ (Microsoft Corporation) C:\\Windows\\SysWOW64\\netevent.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000503808 _____ (Microsoft Corporation) C:\\Windows\\system32\\srcore.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000361984 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64win.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000243712 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000215552 _____ (Microsoft Corporation) C:\\Windows\\system32\\winsrv.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000210432 _____ (Microsoft Corporation) C:\\Windows\\system32\\wdigest.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000135680 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspicli.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000094208 _____ (Microsoft Corporation) C:\\Windows\\system32\\TSpkg.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000050176 _____ (Microsoft Corporation) C:\\Windows\\system32\\srclient.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000028672 _____ (Microsoft Corporation) C:\\Windows\\system32\\sspisrv.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000022528 _____ (Microsoft Corporation) C:\\Windows\\system32\\wfapigp.dll

2018-09-11 19:04 - 2018-08-10 11:55 - 000013312 _____ (Microsoft Corporation) C:\\Windows\\system32\\wow64cpu.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 001461760 _____ (Microsoft Corporation) C:\\Windows\\system32\\lsasrv.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 001163264 _____ (Microsoft Corporation) C:\\Windows\\system32\\kernel32.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000828928 _____ (Microsoft Corporation) C:\\Windows\\system32\\MPSSVC.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000749568 _____ (Microsoft Corporation) C:\\Windows\\system32\\FirewallAPI.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000731648 _____ (Microsoft Corporation) C:\\Windows\\system32\\kerberos.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000419840 _____ (Microsoft Corporation) C:\\Windows\\system32\\KernelBase.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000345600 _____ (Microsoft Corporation) C:\\Windows\\system32\\schannel.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000316928 _____ (Microsoft Corporation) C:\\Windows\\system32\\msv1_0.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000312320 _____ (Microsoft Corporation) C:\\Windows\\system32\\ncrypt.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000190464 _____ (Microsoft Corporation) C:\\Windows\\system32\\rpchttp.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000146432 _____ (Microsoft Corporation) C:\\Windows\\system32\\msaudite.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000108544 _____ (Microsoft Corporation) C:\\Windows\\system32\\icfupgd.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000100864 _____ (Microsoft Corporation) C:\\Windows\\system32\\fontsub.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000063488 _____ (Microsoft Corporation) C:\\Windows\\system32\\setbcdlocale.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000060416 _____ (Microsoft Corporation) C:\\Windows\\system32\\msobjs.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000041472 _____ (Microsoft Corporation) C:\\Windows\\system32\\lpk.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000028160 _____ (Microsoft Corporation) C:\\Windows\\system32\\secur32.dll

2018-09-11 19:04 - 2018-08-10 11:54 - 000016384 _____ (Microsoft Corporation) C:\\Windows\\system32\\ntvdm64.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000880640 _____ (Microsoft Corporation) C:\\Windows\\system32\\advapi32.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000690688 _____ (Microsoft Corporation) C:\\Windows\\system32\\adtschema.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000123904 _____ (Microsoft Corporation) C:\\Windows\\system32\\bcrypt.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000059904 _____ (Microsoft Corporation) C:\\Windows\\system32\\appidapi.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000046080 _____ (Adobe Systems) C:\\Windows\\system32\\atmlib.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000044032 _____ (Microsoft Corporation) C:\\Windows\\system32\\csrsrv.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000043520 _____ (Microsoft Corporation) C:\\Windows\\system32\\cryptbase.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000034816 _____ (Microsoft Corporation) C:\\Windows\\system32\\appidsvc.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000022016 _____ (Microsoft Corporation) C:\\Windows\\system32\\credssp.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000014336 _____ (Microsoft Corporation) C:\\Windows\\system32\\dciman32.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000006656 _____ (Microsoft Corporation) C:\\Windows\\system32\\apisetschema.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000006144 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-security-base-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000005120 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-file-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-threadpool-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004608 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processthreads-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-sysinfo-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-synch-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localregistry-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000004096 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-localization-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-rtlsupport-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-processenvironment-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-namedpipe-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-misc-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-memory-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-libraryloader-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003584 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-heap-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-xstate-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-util-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-string-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-profile-l1-1-0.dll

2018-09-11 19:04 - 2018-08-10 11:53 - 000003072 ____H (Microsoft Corporation) C:\\Windows\\system32\\api-ms-win-core-io-l1-1-0.dll

2018-09-11 19:04 - 20

3
Tech Clinic / I am not able to paste my hijackthis log
« on: July 31, 2015, 04:25:36 PM »

-



4
Tech Clinic / hijackthis log - computer running slow
« on: January 02, 2012, 10:19:33 PM »
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:16:17 PM, on 1/2/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\windows\eHome\ehRecvr.exe
C:\windows\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\lxdqcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
C:\windows\stsystra.exe
C:\windows\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\windows\eHome\ehmsas.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Owner.Fatima\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MP8708
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
O4 - HKLM\..\Run: [lxdqamon] "C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe"
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\Vid.exe" -bootmode
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\FlashUtil10x_ActiveX.exe -update activex
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\windows\system32\mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\windows\system32\mscoree.DLL
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.intuitwebsites.com
O15 - Trusted Zone: http://*.investigativeprofessionals.com
O15 - Trusted Zone: http://www.searspartsdirect.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.geni.com/ImageUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187048366328
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) - http://online.appdev.com/inline/ADTCKS.CAB
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BroadCam Video Streaming Server (BroadCamService) - Unknown owner - C:\Program Files\NCH Software\BroadCam\broadcam.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: dlcx_device -   - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: lxdq_device -   - C:\windows\system32\lxdqcoms.exe
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\SymcPCCULaunchSvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files\Norton PC Checkup\Engine\2.0.12.27\ccSvcHst.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 18692 bytes

5
Tech Clinic / Computer Hanging - Hijackthis Log
« on: December 25, 2011, 08:17:31 AM »
Hello,

For about a month my computer has started hanging when in use. It completely goes silent and does nothing, just stays that way for about 60 - 90 seconds, and then resumes. Please take a look at the log below to see if you can work your magic to help me out. Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:23 AM, on 12/25/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
C:\Users\Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Users\Fatima\Downloads\HijackThis.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.metacrawler.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [DellSupportCenter] "c:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
O4 - HKCU\..\Run: [cdloader] "C:\Users\Fatima\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: CNET TechTracker.lnk = Fatima\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Outlook Plugin.lnk = C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://allscripts.webex.com/client/WBXclient-T27L10NSP25-10481/webex/ieatgpc1.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SPCSUtilityService - Sprint Spectrum, L.L.C - C:\Program Files (x86)\Sprint\Sierra Wireless\Sprint PCS Connection Manager\SPCSUtilityService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16452 bytes

6
Tech Clinic / Please View Hijack Log
« on: August 05, 2009, 10:01:57 PM »
Hello,

My computer is starting very slowly and at times runs slowly. Please look at the log below and let me know if you see anything wrong.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:29:23 PM, on 8/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLHOS~1.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\PROGRA~1\COMMON~1\AOL\117398~1\EE\AOLServiceHost.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Antivirus\hiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gateway.com/g/startpage.html?Ch...TB&M=MP8708
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1173981389\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKCU\..\Run: [Power2GoExpress] NA
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Owner.Fatima\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner.Fatima\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O4 - Startup: Palm Registration.lnk = C:\Program Files\Palm\register.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\SnagIt 9\Snagit32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187048366328
O16 - DPF: {E3372C1F-AFE6-4A3B-90F9-83B2E9B42C82} (ADTCKS.KSLauncher) - http://online.appdev.com/inline/ADTCKS.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device -   - C:\WINDOWS\system32\dlcxcoms.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 16580 bytes

7
Tech Clinic / hijack this log
« on: July 19, 2008, 11:47:07 PM »
Computer hardly moving. McAfee needs to be deleted, it is outdated. Can't delete, the add/delete won't open, too slow, it hangs.
Please let me know where to start to clean this mess up. Thanks. CPU running at 100% all the time.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:34 AM, on 7/20/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\AOL\1129383946\ee\aolsoftware.exe
C:\WINNT\system32\wuauclt.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDShred.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\Email RemovedEXE" -b
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1212429283433
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F99E5A7-C18C-42CB-8927-4262AC2EE1FF}: NameServer = 64.83.1.10,209.137.171.10
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - AOL LLC - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe

--
End of file - 3938 bytes

8
Tech Clinic / HJT Log - Help!
« on: September 09, 2007, 07:23:45 PM »
Hello,

My CPU runs at 100% all the time and the hourglass stays up. All basic functions work; however, the computer is slow.
Please look at my HJT. I am also having problems loading some software.

Thank you!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:05:35 PM, on 9/9/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\1129383946\ee\services\safetyCore\ver210_5_2_1\aolavupd.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\mcafee.com\personal firewall\MPFService.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1129383946\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1129383946\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\IC Media Corp\ICM532\Launchpad.exe
C:\WINNT\Twain_32\CA561A\SnapDetect.exe
C:\Program Files\Verizon Online\Support Center\bin\mpbtn.exe
C:\Program Files\Common Files\AOL\1129383946\ee\aolsoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\AOL 9.0\wEmail Removedexe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ytb3.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLB3DD.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\YCOMP_~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cnn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer powered by Verizon Broadband
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1129383946\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1129383946\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1129383946\ee\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [PPRT] C:\Program Files\CA\PPRT\bin\ITMRTSVC_Logon.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [hwfutczk.exe] C:\Documents and Settings\All Users\Application Data\hwfutczk.exe
O4 - HKLM\..\Run: [Ultimate Fixer] "C:\Program Files\Ultimate Fixer\UltimateFixer.exe" hide
O4 - HKLM\..\Run: [ppsmcs] sqvx5gamet2.exe
O4 - HKCU\..\Run: [Ultimate Cleaner] "C:\Program Files\Ultimate Cleaner\UltimateCleaner.exe" hide
O4 - HKCU\..\Run: [ppsmcs] sqvx5gamet2.exe
O4 - HKCU\..\Run: [netasv2] C:\WINNT\system32\cmdbzyln.exe
O4 - HKCU\..\Run: [vcmicrec] C:\WINNT\system32\msccsed.exe
O4 - HKCU\..\Run: [resvsio] C:\WINNT\system32\atsdisc.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\Email RemovedEXE" -b
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Broadband Support Center.lnk = C:\Program Files\Verizon Online\Support Center\bin\matcli.exe
O4 - Global Startup: Launchpad.lnk = C:\Program Files\IC Media Corp\ICM532\Launchpad.exe
O4 - Global Startup: SnapDetect.lnk = C:\WINNT\Twain_32\CA561A\SnapDetect.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\tmwsock.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.grazemusic.com/install/network/install.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1183255099528
O17 - HKLM\System\CCS\Services\Tcpip\..\{3F99E5A7-C18C-42CB-8927-4262AC2EE1FF}: NameServer = 85.255.114.70,85.255.112.182
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.70 85.255.112.182
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.70 85.255.112.182
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.70 85.255.112.182
O20 - Winlogon Notify: botreg - C:\Documents and Settings\All Users\Documents\Settings\bot.dll
O20 - Winlogon Notify: partnershipreg - C:\Documents and Settings\All Users\Documents\Settings\partnership.dll
O21 - SSODL: DCOM Server 20509 - {2C1CD3D7-86AC-4068-93BC-A02304B20509} - (no file)
O21 - SSODL: gHexXZmUpDgi - {A80C390E-02A6-93A4-5EAC-E97C9D9C1F59} - C:\WINNT\system32\ue.dll (file missing)
O22 - SharedTaskScheduler: DCOM Server 20509 - {2C1CD3D7-86AC-4068-93BC-A02304B20509} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - AOL LLC - C:\Program Files\Common Files\AOL\1129383946\ee\services\safetyCore\ver210_5_2_1\aolavupd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\Program Files\mcafee.com\personal firewall\MPFService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINNT\wanmpsvc.exe
O23 - Service: Windows Management Service - Unknown owner - C:\WINNT\system32\.exe (file missing)

--
End of file - 9573 bytes

9
Tech Clinic / Need annual and lifetime Test Subscription infor
« on: September 04, 2007, 09:47:41 AM »
Hello,

I have been looking for a description of the optional annual and lifetime "test subscription." Does anyone know where the information is or what the package consists of?

This site, and guestolo in particular, has been a godsend in times of trouble, what a reliable sort of help. I appreciate the help and I am sure many others do also.

Ummzee
Philadelphia, PA

10
Tech Clinic / Guestolo help - HJT log
« on: September 03, 2007, 10:20:04 PM »
Hello,

Please view my log and offer any help you can.

I am getting massive pop-ups.

I have run CCleaner, AVG Anti-Spyware and Trojan Hunter several times and the pop-ups occur even when I am not on the internet.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:03 PM, on 9/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Documents and Settings\Administrator\Desktop\AntiVirus\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\MICROS~3\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Administrator\Desktop\AntiVirus\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [hosycasyn] C:\Program Files\Online Services\hosycasyn22011.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Administrator\Desktop\AntiVirus\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\uuuyewby.dll",forkonce
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Rsoc] "C:\PROGRA~1\COMMON~1\YMBOLS~1\netdde.exe" -vt ndrv
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Documents and Settings\Administrator\Desktop\AntiVirus\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\System32\xocqgqnj.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\WindowsUpdate\progyrtaq.html

--
End of file - 4613 bytes

11
Tech Clinic / HaghJack Log - Help Guestolo
« on: May 03, 2006, 07:25:11 AM »
Slow and getting slower, need help!

Logfile of HijackThis v1.99.1
Scan saved at 8:22:32 AM, on 5/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\ANTIVI~1\ETRUST~1\VetTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Palm\HOTSYNC.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\Program Files\TechSmith\SnagIt 7\TSCHelp.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.passport.net/uilogin.srf?lc=1033&id=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\5sn574x3.slt\prefs.js)
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [VetTray] c:\ANTIVI~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [THGuard] "C:\antivirus\trojanhunter\THGuard.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-18.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by103fd.bay103.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096438447079
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1123838743641
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/45/install/gtdownls.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...412/mcfscan.cab
O18 - Protocol: bw+0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {EFFFF539-719A-4255-A753-76401EFAB172} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - c:\antivirus\eTrust EZ Antivirus\isafe.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - c:\antivirus\eTrust EZ Antivirus\VetMsg.exe

12
Tech Clinic / Poor wireless connection
« on: July 06, 2005, 07:04:17 AM »
I am using a TRENDnet TEW-424UB wireless adapter with a wireless 327W Westell router and Verizon DSL service. When I first connect to the net I get a "GOOD" connection, but it soon goes down to "LOW" and often disconnects.

I have two adapters on computers less than 100 feet on either side of the router. I am new to wireless and expected much better reception. Is there something I can do to increase the reception (connection)?

Thanks in advance,

13
Hardware / Verizon DSL, wireless Westell router
« on: July 04, 2005, 02:00:11 PM »
I am using a TRENDnet TEW-424UB wireless adapter with a wireless 327W Westell router and Verizon DSL service. When I first connect to the net I get a "GOOD" connection, but it soon goes down to "LOW" and often disconnects.

I have two adapters on computers less than 100 feet on either side of the router. I am new to wireless and expected much better reception. Is there something I can do to increase the reception (connection)?

Thanks in advance,

14
Tech Clinic / High Jack this log
« on: July 04, 2005, 01:37:55 PM »
I have updated registered copies of Spyware Doctor & Registry Mechanic and used online House calls, none of which reported anything major.

Here is my log, do you see anything that could be slowing down my computer?

Logfile of HijackThis v1.99.1
Scan saved at 2:31:08 PM, on 7/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spam Monitor\SpamMonitor.Exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\TRENDnet\TRENDnet TEW-424UB\Trendnet.exe
C:\WINDOWS\System32\svchost.exe
C:\antivirus\Spyware Doctor\swdoctor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login.passport.net/uilogin.srf?id=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.netscape.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.netscape.com/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape.com/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.netscape.com/home/winsearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.netscape.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
N2 - Netscape 6: # Mozilla User Preferences
// This is a generated file!

user_pref("SeletiveLdy.aim.im.playall", true);
user_pref("SeletiveLdy.aim.session.autologin", false);
user_pref("SeletiveLdy.aim.session.firstsignon", false);
user_pref("SeletiveLdy.aim.session.password", "0");
user_pref("SeletiveLdy.aim.session.storepassword", false);
user_pref("aim.internal.buddy.MaxBuddies", 160);
user_pref("aim.session.finishedwizard", true);
user_pref("aim.session.firsttime", false);
user_pref("aim.session.screenname", "SeletiveLdy");
user_pref("browser.cache.directory", "C:\\WINDOWS\\Application Data\\Mozilla\\Profiles\\default\\nq99i3b5.slt\\Cache");
user_pref("browser.download.progressDnldDialog.keepAlive", false);
user_pref("browser.helperApps.neverAsk.openFile", "application%2Fpdf");
user_pref("browser.history.last_page_visited", "http://ncmail.netscape.com/compose.adp");
user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%206%5Csearchplugins%5CSBWeb_01.src");
user_
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\ANTIVI~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\ANTIVI~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\antivirus\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spam Monitor] C:\Program Files\Spam Monitor\SpamMonitor.Exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: TEW-424UB Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF269~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\ANTIVI~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0522.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0522.DLL
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF269~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Dell Home - {EE117DAA-A30B-40FC-945C-38AE1B80C1FA} - http://www.dellnet.com (file missing) (HKCU)
O12 - Plugin for .asx: C:\PROGRAM FILES\VERIZONDSL\NETSCAPE\PROGRAM\PLUGINS\npdsplay.dll
O12 - Plugin for .bmp: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wmv: C:\PROGRAM FILES\VERIZONDSL\NETSCAPE\PROGRAM\PLUGINS\npdsplay.dll
O15 - Trusted Zone: http://*.xara.com
O15 - Trusted Zone: http://*.xaraonline.com
O16 - DPF: Win32 Classes -
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) - http://content.hiwirenetworks.net/inbrowse...5.26/Hiwire.cab
O16 - DPF: {2FF18E20-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.01) - http://www.msnbc.com/download/nr1228.cab
O16 - DPF: {3B02AAA2-327C-40ED-A849-4BE819AE5385} (ImgSizer Control) -
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a224.g.akamai.net/7/224/52/20010620...meInstaller.exe
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...l_v1-0-3-24.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1115129673119
O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/oeconfig/MailCfg.cab
O16 - DPF: {89122070-4199-11D4-8BAF-0050045B552C} - http://my.rocketpipe.com/enable/rocketpipeclient/pipe345.cab
O16 - DPF: {9BB641DB-045B-42B4-BAE2-CBAAD66B0CC4} (Spotlife Composer) - http://yahoo.spotlife.net/install/composer...23/SLCmpser.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/...ymmapi_0727.dll
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Control) - http://content.communities.msn.com/cs/MsnPUpld.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://www.contentwatch.com/audit/includes...uditControl.cab
O16 - DPF: {DE435CAE-6873-11D2-A750-00A024BB782C} (AppKeys Class) - https://pchost.ccp.cc.pa.us/corridor-htdocs/appkeys.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...296/mcfscan.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

I thank you in advance.

15
Software / Need picture of website
« on: December 23, 2004, 02:40:35 PM »
Hello,

I have some website templates I would like to be able to show on my website without the viewer being able to download the site. How can I do that? :(

I do know about taking screen shots but that has been a nightmare process. Is there an easy way or software that will do the job of saving a view of the sites into jpeg or gif format?

Thanks in advance

16
Tech Clinic / Highjack Log
« on: December 09, 2004, 10:48:56 AM »
First time site and Highjack user. Any help will be appreciated!

Logfile of HijackThis v1.98.2
Scan saved at 10:58:54 AM, on 12/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\System32\Ati2evxx.exe
c:\antivirus\eTrust EZ Antivirus\isafe.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
c:\antivirus\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\??rvices.exe
C:\Palm\HOTSYNC.EXE
C:\WINDOWS\System32\cidaemon.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.Email Removed.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.web--search.com/to.php?ID1=1537...5-F3C7C47FA223}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R3 - URLSearchHook: (no name) - _{30192F8D-0958-44E6-B54D-331FD39AC959} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\logon.exe
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\5sn574x3.slt\prefs.js)
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar.dll
O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file)
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] winxpinit.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Shell Logon] C:\logon.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvpej32.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [g] C:\Documents and Settings\Owner\Local Settings\Temp\g.exe
O4 - HKLM\..\Run: [hH0THOIje] C:\documents and settings\owner\local settings\temp\hH0THOIje.exe
O4 - HKLM\..\Run: [VxDE] C:\documents and settings\owner\local settings\temp\VxDE.exe
O4 - HKLM\..\Run: [VetTray] c:\ANTIVI~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] winxpinit.exe
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [Win32 USB2 Driver] winxpinit.exe
O4 - HKCU\..\Run: [DWHeartbeatMonitor] C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ofm] C:\WINDOWS\System32\??rvices.exe
O4 - HKCU\..\Run: [Sdsr] C:\Documents and Settings\Owner\Application Data\spsa.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PowerReg Scheduler.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Verizon Online Dialer.lnk = C:\Program Files\Common Files\Verizon Online\ConnMgr\Verizon Online.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5E8FD788-C323-4357-AB76-7CBCEFBA573C} (SpyBouncer.SBDownloader) - http://www.spybouncer.com/downloader.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1096438447079
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/y...ysb_regular.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...412/mcfscan.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildApp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFCC69BC-6003-4622-B4EC-EA3C2938A038}: NameServer = 151.197.0.38 151.197.0.39
