Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Computer running slow ,programs responding real slow

(New)
(!)

ronnycopeh's Avatar
ronnycopeh ronnycopeh is offline
Junior Member with 5 posts.
THREAD STARTER
 
Join Date: Jul 2003
06-Oct-2006, 06:22 PM #1
Computer running slow ,programs responding real slow
My computer is responding real slow, I have scanned and have no spyware so it said. I use spybot search and destroy, window defender, spyware blaster, and spyware guard. running nod32 antivirus & Prisma firewall. here is a copy of my hijackthis files, thanks
Logfile of HijackThis v1.99.1
Scan saved at 11:32:12 AM, on 10/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Prisma Firewall\prismon.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe
C:\Program Files\Prisma Firewall\priscore.exe
C:\Program Files\MSGTAG\MSGTAG.exe
C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\lxcfcoms.exe
C:\Program Files\Avant Browser\avant.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Ron\My Documents\Zipped Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Ronnell Harris-Copeland
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Prisma Monitor] C:\Program Files\Prisma Firewall\prismon.exe
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe"
O4 - HKCU\..\Run: [MSGTAG] "C:\Program Files\MSGTAG\MSGTAG.exe" /startup
O4 - HKCU\..\Run: [Task Catcher System Monitor] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
O4 - HKCU\..\Run: [WinPatrol System Monitor] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Customize - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra 'Tools' menuitem: Customize Menu - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: Generate - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Password Generator - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: TaskBar - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra 'Tools' menuitem: RoboForm TaskBar Icon - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra button: Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra 'Tools' menuitem: Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra button: Identities - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra 'Tools' menuitem: Identities Editor - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra button: Passcards - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra 'Tools' menuitem: Passcards Editor - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra button: Safenotes - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra 'Tools' menuitem: Safenotes Editor - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O15 - Trusted Zone: http://*.bigsite.us
O16 - DPF: {29710C4C-4F0F-4A36-8312-CB5614829804} - http://www.drivershq.com/files/cab/n...tective-nm.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} - http://www.radarsync.com/RSActiveX.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://www.driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O20 - Winlogon Notify: winjks32 - winjks32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PrismaCore - ICode&Ideas - C:\Program Files\Prisma Firewall\priscore.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Cheeseball81's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 83,530 posts.
 
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
06-Oct-2006, 07:18 PM #2
Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

O20 - Winlogon Notify: winjks32 - winjks32.dll (file missing)

Reboot.

Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm

Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan.
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the ActiveScan report.
__________________
Microsoft MVP - Consumer Security
If we've helped you, please donate to TSG!
ronnycopeh's Avatar
ronnycopeh ronnycopeh is offline
Junior Member with 5 posts.
THREAD STARTER
 
Join Date: Jul 2003
06-Oct-2006, 09:12 PM #3
Here is the report from activescan

Incident Status Location

Adware:adware/swimsuitnetwork Not disinfected c:\windows\system32\MYDLL.dll
Adware:adware/bdsearch Not disinfected Windows Registry
Spyware:spyware/cws.olehelp Not disinfected Windows Registry
Adware:adware/brands Not disinfected Windows Registry
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Ron\My Documents\Zipped Files\SmitfraudFix\SmitfraudFix\Process.exe
Spyware:Cookie/FastClick Not disinfected C:\Program Files\K-Meleon\Profiles\default\pt7tc305.slt\cookies.txt[.fastclick.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\K-Meleon\Profiles\default\pt7tc305.slt\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Program Files\K-Meleon\Profiles\default\pt7tc305.slt\cookies.txt[.bluestreak.com/]
Cheeseball81's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 83,530 posts.
 
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
07-Oct-2006, 04:44 PM #4
Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then Click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):


    c:\windows\system32\MYDLL.dll

  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.
ronnycopeh's Avatar
ronnycopeh ronnycopeh is offline
Junior Member with 5 posts.
THREAD STARTER
 
Join Date: Jul 2003
07-Oct-2006, 05:23 PM #5
Did as you said but no message prompt so what do i need to do now
scan from
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:27:10 AM 10/7/2006

+ Scan result:



HKU\S-1-5-21-4246276606-1855351328-2903718149-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE7C3CF0-4B15-11D1-ABED-709549C10000} -> Adware.Generic : Cleaned.
C:\Program Files\Common Files\Microsoft Shared\Translat\LicenseManager.exe -> Logger.Delf.ta : Cleaned.
HKU\S-1-5-21-4246276606-1855351328-2903718149-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C} -> Trojan.Ciadoor.m : Cleaned.


::Report end
New Hijackthis Scan
Logfile of HijackThis v1.99.1
Scan saved at 5:22:19 PM, on 10/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Prisma Firewall\prismon.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\MSGTAG\MSGTAG.exe
C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Prisma Firewall\priscore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Ron\My Documents\JUNK\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emachines.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Ronnell Harris-Copeland
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Prisma Monitor] C:\Program Files\Prisma Firewall\prismon.exe
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [MSGTAG] "C:\Program Files\MSGTAG\MSGTAG.exe" /startup
O4 - HKCU\..\Run: [Task Catcher System Monitor] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
O4 - HKCU\..\Run: [WinPatrol System Monitor] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Customize - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra 'Tools' menuitem: Customize Menu - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: Generate - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Password Generator - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: TaskBar - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra 'Tools' menuitem: RoboForm TaskBar Icon - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra button: Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra 'Tools' menuitem: Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
O9 - Extra button: Identities - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra 'Tools' menuitem: Identities Editor - {45DB34C3-955C-11D3-ABEF-444553540000} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
O9 - Extra button: Passcards - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra 'Tools' menuitem: Passcards Editor - {45DB34C3-955C-11D3-ABEF-444553540001} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditPass.html
O9 - Extra button: Safenotes - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra 'Tools' menuitem: Safenotes Editor - {45DB34C3-955C-11D3-ABEF-444553540002} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComEditNote.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O15 - Trusted Zone: http://*.bigsite.us
O16 - DPF: {29710C4C-4F0F-4A36-8312-CB5614829804} - http://www.drivershq.com/files/cab/n...tective-nm.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} - http://www.radarsync.com/RSActiveX.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - http://www.driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PrismaCore - ICode&Ideas - C:\Program Files\Prisma Firewall\priscore.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Cheeseball81's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 83,530 posts.
 
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
08-Oct-2006, 03:19 PM #6
Looks okay. How are things now?
ronnycopeh's Avatar
ronnycopeh ronnycopeh is offline
Junior Member with 5 posts.
THREAD STARTER
 
Join Date: Jul 2003
08-Oct-2006, 04:33 PM #7
Thanks so much for your help things are better and the puter is a lot faster but i'm still a little puzzled with this entry
- Unknown file in Winsock LSP: c:\windows\system32\reflection.dll
Cheeseball81's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 83,530 posts.
 
Join Date: Mar 2004
Location: Long Island, NY
Experience: Advanced
08-Oct-2006, 09:43 PM #8
It's part of Prisma Firewall
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑