Advertisement
Advertisement
 Search | |
| |
07-Jul-2009, 12:25 AM
#1 | |||||||
| What is making my PC so slow! I'm fairly knowledgeable I think, but this has got the best of me. My PC has been especially slow lately. Not sure when it happened but it's SLOW! I have gone thru and deleted about 20 applications I was not using before. I have repaired and defragged the registry, the disc is not that fragmented so I have not done that. But the machine remains slow. For example, applications load slow, doing a right click takes a login time for a menu to come up. Start-up and shutdown take a very long time. Below is my system info followed by my HJT Log an I'm hoping someone will see something that will help me speed up my system! Thanks for any help you can provide. System Info: Dell Dimension 8400 Media Center Edition from 11/04. PentiumŪ 4 Processor 560 (3.60GHz, 800 FSB); Windows XP Media Center Edition Service Pack 3; 2GB Dual Channel DDR2 SDRAM at 533MHz (2x1GB); NVIDIA GeForce 6800 (256 MB) Video Card; 500 GB Seagate SATA-II system drive w/~212 GB free; Broadcom NetXtreme 57xx Gigabit Controller. Major SW Apps: Office 2007, Adobe CS4 Suite, Quicken and Quickbooks, Free Versions of Zone Alarm and AVG. HJT Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:44:16 PM, on 7/6/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\WINDOWS\eHome\ehmsas.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Clipomatic\Clipomatic.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Weather Watcher Live\ww.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: CDelHotkeys Object - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Delicious Toolbar - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [Clipomatic] C:\Program Files\Clipomatic\Clipomatic.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Auto EPSON Stylus Photo R800 on HAL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI8JA.EXE /FU "C:\WINDOWS\TEMP\E_S378.tmp" /EF "HKCU" O4 - HKCU\..\Run: [WeatherWatcherLive] "C:\Program Files\Weather Watcher Live\ww.exe" O4 - HKCU\..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O4 - HKUS\S-1-5-21-3881248347-474712985-3267158099-1012\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'QBDataServiceUser') O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Virtual Account Numbers - {DE700910-58F7-4D2E-B7E6-3BA2DA1B6806} - C:\PROGRA~1\VIRTUA~2\CitiVAN.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/mini...ansporter.cab? O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - http://moneycentral.msn.com/cabs/pmupd806.exe O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/tech...rl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...rl/tgctlsr.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/14.21/uploader2.cab O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/...veXClient1.cab O16 - DPF: {4F18FFF5-85B9-4378-A1B4-06743830EC70} (WAPUploaderAX Class) - https://www.web-a-photo.com/WebaphotoUploaderXP.cab O16 - DPF: {5879B3B0-566E-4ECB-9B77-9A8A5E62AAB8} - http://www.blackberry.com/DST2007/pa...eLoaderUSB.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120535075859 O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/inst...l/pinstall.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1140694947812 O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://74.92.3.186:8095/activex/AMC.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab O16 - DPF: {FA9740A2-5802-42E2-B509-81186EEB3C42} (WABControl Class) - https://www.linkedin.com/cab/wabctrl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B61F343D-A618-4235-AB44-8D1FD878F972}: NameServer = 68.87.71.226,68.87.73.242 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c9691548ba976c) (gupdate1c9691548ba976c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -- End of file - 20305 bytes Thanks Again!!! \Dave |
07-Jul-2009, 12:36 AM
#2 | |||||||
| More Info on the slow Dell 8400 Could not post this the last time (was too long)... Here is the uninstall list.It goes with my slow system post a second ago... Thanks, Dave Doherty Uninstall List 7-Zip 4.65 abrViewer.NET 1.0.1 Acronis True Image Home Adobe Acrobat Elements 6.0 Adobe After Effects CS4 Adobe After Effects CS4 Presets Adobe After Effects CS4 Template Projects & Footage Adobe AIR Adobe AIR Adobe Anchor Service CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Extra Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Recommended Settings CS4 Adobe Color Video Profiles AE CS4 Adobe Color Video Profiles CS CS4 Adobe Creative Suite 4 Production Premium Adobe Creative Suite 4 Production Premium Adobe CS4 American English Speech Analysis Models Adobe CSI CS4 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Drive CS4 Adobe Dynamiclink Support Adobe Encore CS4 Adobe Encore CS4 Codecs Adobe Encore CS4 Codecs Adobe Encore CS4 Library Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Flash CS4 Adobe Flash CS4 Extension - Flash Lite STI en Adobe Flash CS4 STI-en Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Fonts All Adobe Illustrator CS4 Adobe Linguistics CS4 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Additional Exporter Adobe Media Encoder CS4 Dolby Adobe Media Encoder CS4 Exporter Adobe Media Encoder CS4 Exporter Adobe Media Encoder CS4 Importer Adobe Media Encoder CS4 Importer Adobe Media Player Adobe MotionPicture Color Files CS4 Adobe OnLocation CS4 Adobe Output Module Adobe PDF IFilter 6.0 Adobe PDF Library Files CS4 Adobe Photoshop Album 2.0 Adobe Photoshop CS4 Adobe Photoshop CS4 Support Adobe Premiere Pro CS4 Adobe Premiere Pro CS4 Functional Content Adobe Reader 9.1.2 Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe Setup Adobe Setup Adobe Setup Adobe Setup Adobe Shockwave Player 11 Adobe Soundbooth CS4 Adobe Soundbooth CS4 Codecs Adobe Soundbooth CS4 Codecs Adobe Stock Photos 1.0 Adobe Stock Photos 1.0 Adobe Support Advisor Adobe Type Support CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Server Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB AdobeSupportAdvisor AGEIA PhysX v2.3.3 AI RoboForm (All Users) Akram Audio Converter 2.14 AMP Font Viewer AndreaMosaic 3.18 AnswerWorks 5.0 English Runtime Apple Mobile Device Support Apple Software Update ArcSoft Camera Suite Audio User's Guide AusLogics Disk Defrag AusLogics Registry Defrag AVG 8.5 Avi Info Tooltip AXIS Media Control Embedded Battlefield Heroes Bing Maps 3D BlackBerry Desktop Software 4.6 BlackBerry Desktop Software 4.6 BlackBerry Device Software v4.5.0 for the BlackBerry 8120 smartphone BluffTitler Bonjour Broadcom Advanced Control Suite 2 Canon Camera Access Library Canon Camera Support Core Library Canon G.726 WMP-Decoder Canon MovieEdit Task for ZoomBrowser EX Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities MyCamera DC Canon Utilities PhotoStitch Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility CDDRV_Installer Choice Guard Classic PhoneTools ClearType Tuning Control Panel Applet Clipomatic ColorPic Conexant D850 56K V.9x DFVc Modem Connect Creative Audio Console Creative MediaSource Creative MediaSource DVD-Audio Player Critical Update for Windows Media Player 11 (KB959772) CrossLoop 2.44 Crystal Button 2.8 Cypress USB Mass Storage Driver Installation Data Lifeguard del.icio.us Buttons for Internet Explorer Delicious Add-on for Internet Explorer Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Photo AIO Printer 962 Dell Support 5.0.0 (766) DeLorme Street Atlas USA 2007 DeLorme Street Atlas USA 2007 Service Pack 3 DivX DivX Player DVD Decrypter (Remove Only) DVD Shrink 3.2 EditPlus 2 EPSON Print CD FileMaker Pro 5.0 FileMenu Tools FileZilla Client 3.2.4.1 FLV Player 2.0 (build 25) Garmin GPS Control for Internet Explorer Garmin POI Loader Garmin WebUpdater Glary Utilities Pro 2.14.0.711 GoodSync Google Chrome Google Desktop Google Earth Google Toolbar for Internet Explorer Google Toolbar for Internet Explorer Google Update Helper Google Updater GoTimeIt HighMAT Extension to Microsoft Windows XP CD Writing Wizard HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows Media Player 10 (KB910393) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Icon Restore 1.0 IFilterShop CHM IFilter (remove only) IFilterShop XMP IFilter (remove only) IFilterShop Zip IFilter (remove only) Image Resizer Powertoy for Windows XP Intel Application Accelerator InterActual Player Internet Explorer Default Page IrfanView (remove only) iriver Music Manager iriver Music Manager iRiver Updater iTunes Java(TM) 6 Update 13 Java(TM) 6 Update 5 Java(TM) 6 Update 7 Junk Mail filter update JW Desktop Player KhalInstallWrapper kuler Logitech SetPoint Logitech Updater MasterCook 6: Deluxe Edition Media Lab SiteGrinder 2 (Basic & Pro) MediaMonkey 3.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office 2003 Web Components Microsoft Office 2007 Primary Interop Assemblies Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Excel MUI (English) 2007 Microsoft Office FrontPage 2003 Microsoft Office Home and Student 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook 2007 Microsoft Office Outlook 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional Edition 2003 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Small Business Connectivity Components Microsoft Office Word MUI (English) 2007 Microsoft Plus! Digital Media Edition Installer Microsoft Project 2000 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Windows XP Video Decoder Checkup Utility Mirror Magic MobileMe Control Panel Mosaic Creator 2.95 Mozilla Firefox (3.0.11) MSVCRT MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 Parser and SDK MSXML 6.0 Parser (KB933579) Nero 8 neroxml NetZeroInstallers NewTek SpeedEDIT NVIDIA Drivers NVIDIA Media Center extensions for display PDF Settings CS4 Photo Story 3 for Windows Photoshop Camera Raw Picasa 3 PicLens for Internet Explorer Pixel Bender Toolkit PowerDVD 5.3 Qualxserve Service Agreement QuickBooks Pro 2006 Quicken 2009 QuickTime RealPlayer Registry Mechanic 7.0 Revo Uninstaller 1.83 Rhapsody Player Engine Roxio Media Manager SeaTools for Windows Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969679) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB969682) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Segoe UI Shockwave Snagit 9.1 Sonic Encoders Sonic Update Manager Sorenson Squeeze 4.5 Sound Blaster Audigy 2 ZS Sound Blaster for Media Center Spelling Dictionaries Support For Adobe Reader 9 STOIK Video Converter 2 StuffIt Expander Suite Shared Configuration CS4 SUPER Đ Version 2009.bld.36 (June 10, 2009) Swiff Player 1.1 System Requirements Lab TagScanner 5.0 build 525 TMPGEnc KARMA.. TMPGEnc Plus 2.5 TreeSize Professional 3.22 Tweak UI TweakMCE Ulead DVD Workshop 2 SE UltraISO Premium V8.6 UnInstall Icon Restore 1.0 Uninstall Startup Inspector for Windows UniversalCallerID Update for 2007 Microsoft Office System (KB967642) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB969907) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (kb970012) Update for Windows Internet Explorer 8 (KB969497) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update Rollup 2 for Windows XP Media Center Edition 2005 VC 9.0 Runtime VC 9.0 Runtime VCRedistSetup Viewpoint Manager (Remove Only) Viewpoint Media Player Viewpoint Toolbar Virtual Account Numbers Weather Watcher Live WeatherBug WebEx Windows Client Operating System Windows Defender Windows Defender Signatures Windows Genuine Advantage v1.3.0254.0 Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Upload Tool Windows Media Connect Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Media Player Firefox Plugin Windows Resource Kit Tools - SubInAcl.exe Windows Search 4.0 Windows XP Media Center Edition 2005 KB888316 Windows XP Media Center Edition 2005 KB925766 Windows XP Service Pack 3 ZoneAlarm ZoneAlarm Spy Blocker |
07-Jul-2009, 12:41 AM
#3 | |||||||
| One last list for the slow Dell - the start-up list Again, could not do two logs. So, here is the: startup list... (part one - the report won't fit on 1 post) Thanks \Dave StartUp List (p1) StartupList report, 7/6/2009, 9:54:37 PM StartupList version: 1.52.2 Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP3 (WinNT 5.01.2600) Detected: Internet Explorer v8.00 (8.00.6001.18702) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\WINDOWS\eHome\ehmsas.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Clipomatic\Clipomatic.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Weather Watcher Live\ww.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchProtocolHost.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\Dave\Start Menu\Programs\Startup] OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run IAAnotif = C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe ehTray = C:\WINDOWS\ehome\ehtray.exe CTSysVol = C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r AdobeCS4ServiceManager = "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin Adobe_ID0ENQBO = C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide ZoneAlarm Client = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" Google Desktop Search = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup IntelliPoint = "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" AVG8_TRAY = C:\PROGRA~1\AVG\AVG8\avgtray.exe NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup nwiz = nwiz.exe /install NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Clipomatic = C:\Program Files\Clipomatic\Clipomatic.exe MsnMsgr = "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background swg = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Auto EPSON Stylus Photo R800 on HAL = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI8JA.EXE /FU "C:\WINDOWS\TEMP\E_S378.tmp" /EF "HKCU" WeatherWatcherLive = "C:\Program Files\Weather Watcher Live\ww.exe" RoboForm = C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [AutorunsDisabled] UpdateManager = "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r [OptionalComponents] = -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AdobeUpdater] = -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [KB910393] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{407408d4-94ed-4d86-ab69-a7f649d112ee}] * StubPath = %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install [{8b15971b-5355-4c82-8c07-7e181ea07608}] StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser [{94de52c8-2d59-4f1b-883e-79663d2d9a8c}] StubPath = rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=AVGRSSTX.DLL C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Company name OK: 'Microsoft Corporation' - Original filename OK: 'REGEDIT.EXE' - File description: 'Registry Editor' Registry check passed -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll - {00C6482D-C502-44C8-8409-FCE54AD9C208} (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} AcroIEHelperStub - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (no name) - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll - {3049C3E9-B461-4BC5-8870-4C09146192CA} CitiUS Shared Browser Helper Object - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll - {387EDF53-1CF2-4523-BC2F-13462651BE8C} (no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB} RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll - {724d43a9-0d85-11d4-9908-00400523e39a} (no name) - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll - {78875F5C-A685-4405-8DC5-D48DC65452B0} (no name) - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll - {A7327C09-B521-4EDB-8509-7D2660C9EC98} (no name) - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9} JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} PicLens plug-in for Internet Explorer - C:\Program Files\PicLensIE\PicLens.dll - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} -------------------------------------------------- Enumerating Task Scheduler jobs: AppleSoftwareUpdate.job GlaryInitialize.job Google Software Updater.job GoogleUpdateTaskMachineCore.job GoogleUpdateTaskMachineUA.job Microsoft_Hardware_Launch_IType_exe.job MP Scheduled Scan.job Norton Internet Security - Run Full System Scan - Dave.job User_Feed_Synchronization-{A972B1B6-788B-43F7-9B42-29EB98DA4666}.job -------------------------------------------------- Enumerating Download Program Files: [Office Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\OGACheckControl.DLL CODEBASE = http://download.microsoft.com/downlo...OGAControl.cab [Creative Software AutoUpdate] InProcServer32 = C:\WINDOWS\DOWNLO~1\CTSUEng.ocx CODEBASE = http://www.creative.com/su/ocx/15030/CTSUEng.cab [SentinelVE3D Class] InProcServer32 = C:\Program Files\Virtual Earth 3D\SentinelVirtualEarth3D.dll CODEBASE = http://download.microsoft.com/downlo...ualEarth3D.cab [Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll CODEBASE = http://download.microsoft.com/downlo...eckControl.cab [{1F2F4C9E-6F09-47BC-970D-3C54734667FE}] CODEBASE = http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab [MiniBugTransporterX Class] InProcServer32 = blank CODEBASE = http://wdownload.weatherbug.com/mini...ansporter.cab? [Installation Support] InProcServer32 = C:\Program Files\Yahoo!\Common\Yinsthelper.dll CODEBASE = C:\Program Files\Yahoo!\Common\Yinsthelper.dll [SentinelProxy Class] InProcServer32 = C:\Program Files\Virtual Earth 3D\SentinelVirtualEarth3DProxy.dll CODEBASE = http://download.microsoft.com/downlo...ualEarth3D.cab [{3DC2E31C-371A-4BD3-9A27-CDF57CE604CF}] CODEBASE = http://moneycentral.msn.com/cabs/pmupd806.exe [Office Update Installation Engine] InProcServer32 = C:\WINDOWS\opuc.dll CODEBASE = http://office.microsoft.com/officeup...tent/opuc3.cab [Snapfish Activia] InProcServer32 = C:\WINDOWS\Downloaded Program Files\SnapfishActivia1000.ocx CODEBASE = http://photo.walgreens.com/WalgreensActivia.cab [Symantec SmartIssue] InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsi.dll CODEBASE = https://www-secure.symantec.com/tech...rl/tgctlsi.cab [Symantec Script Runner Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\tgctlsr.dll CODEBASE = https://www-secure.symantec.com/tech...rl/tgctlsr.cab [UploadListView Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\UploaderX.dll CODEBASE = http://picasaweb.google.com/s/v/14.21/uploader2.cab [LinkedIn ContactFinderControl] InProcServer32 = C:\WINDOWS\DOWNLO~1\LINKED~1.DLL CODEBASE = http://www.linkedin.com/cab/LinkedIn...derControl.cab [Malicious Software Removal Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebCleaner.dll CODEBASE = http://download.microsoft.com/downlo...WebCleaner.cab [Microsoft Virtual Server VMRC Advanced Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\VMRCActiveXClient.dll CODEBASE = https://www.microsoft.com/resources/...veXClient1.cab [WAPUploaderAX Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebaphotoUploader.dll CODEBASE = https://www.web-a-photo.com/WebaphotoUploaderXP.cab [{5879B3B0-566E-4ECB-9B77-9A8A5E62AAB8}] CODEBASE = http://www.blackberry.com/DST2007/pa...eLoaderUSB.cab [WUWebControl Class] InProcServer32 = C:\WINDOWS\system32\wuweb.dll CODEBASE = http://update.microsoft.com/windowsu...?1120535075859 [Symantec Download Manager] InProcServer32 = C:\WINDOWS\Downloaded Program Files\symdlmgr.dll CODEBASE = https://webdl.symantec.com/activex/symdlmgr.cab [Install Class] InProcServer32 = blank CODEBASE = http://updates.lifescapeinc.com/inst...l/pinstall.cab [MUWebControl Class] InProcServer32 = C:\WINDOWS\system32\muweb.dll CODEBASE = http://update.microsoft.com/microsof...?1140694947812 [{74C861A1-D548-4916-BC8A-FDE92EDFF62C}] CODEBASE = http://mediaplayer.walmart.com/installer/install.cab |
07-Jul-2009, 12:46 AM
#4 | |||||||
| Startup list part 2 of 2 - for slow Dell 8400 I'm posting the start-up list here becuase it seems BIG to me... \Dave StartupList report, 7/6/2009, 9:54:37 PM - PART 2 StartupList version: 1.52.2 Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP3 (WinNT 5.01.2600) Detected: Internet Explorer v8.00 (8.00.6001.18702) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== [Java Plug-in 1.6.0_07] InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab [Java Plug-in 1.6.0_13] InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab [Java Plug-in 1.6.0_13] InProcServer32 = C:\Program Files\Java\jre6\bin\npjpi160_13.dll CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab [AxisMediaControlEmb Class] InProcServer32 = C:\Program Files\Axis Communications\AXIS Media Control Embedded\AxisMediaControlEmb.dll CODEBASE = http://74.92.3.186:8095/activex/AMC.cab [PopCapLoader Object] CODEBASE = http://zone.msn.com/bingame/dim2/def...ploader_v6.cab [Creative Software AutoUpdate Support Package] InProcServer32 = C:\WINDOWS\DOWNLO~1\CTPID.ocx CODEBASE = http://www.creative.com/su/ocx/15014/CTPID.cab [WABControl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\wabctrl.dll CODEBASE = https://www.linkedin.com/cab/wabctrl.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services 61883 Unit Device: system32\DRIVERS\61883.sys (manual start) abp480n5: system32\DRIVERS\ABP480N5.SYS (system) Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system) Acronis Scheduler2 Service: "C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe" (autostart) Adobe Version Cue CS4: "C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service (manual start) adpu160m: system32\DRIVERS\adpu160m.sys (system) Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start) AFD: \SystemRoot\System32\drivers\afd.sys (system) Intel AGP Bus Filter: system32\DRIVERS\agp440.sys (system) Compaq AGP Bus Filter: system32\DRIVERS\agpCPQ.sys (system) Aha154x: system32\DRIVERS\aha154x.sys (system) aic78u2: system32\DRIVERS\aic78u2.sys (system) aic78xx: system32\DRIVERS\aic78xx.sys (system) Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start) AliIde: system32\DRIVERS\aliide.sys (system) ALI AGP Bus Filter: system32\DRIVERS\alim1541.sys (system) AMD AGP Bus Filter Driver: system32\DRIVERS\amdagp.sys (system) amsint: system32\DRIVERS\amsint.sys (system) Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart) Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) 1394 ARP Client Protocol: system32\DRIVERS\arp1394.sys (manual start) asc: system32\DRIVERS\asc.sys (system) asc3350p: system32\DRIVERS\asc3350p.sys (system) asc3550: system32\DRIVERS\asc3550.sys (system) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start) Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system) ATI eHomeWonder, WDM Video CODEC: system32\DRIVERS\atinewp2.sys (manual start) ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start) Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start) AVC Device: system32\DRIVERS\avc.sys (manual start) AVG Free8 WatchDog: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (autostart) AVG Free AVI Loader Driver x86: \SystemRoot\System32\Drivers\avgldx86.sys (system) AVG Free On-access Scanner Minifilter Driver x86: \SystemRoot\System32\Drivers\avgmfx86.sys (system) Broadcom NetXtreme 57xx Gigabit Controller: system32\DRIVERS\b57xp32.sys (manual start) Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Bonjour Service: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart) Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) cbidf: system32\DRIVERS\cbidf2k.sys (system) Canon Camera Access Library 8: C:\Program Files\Canon\CAL\CALMAIN.exe (autostart) Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start) cd20xrnt: system32\DRIVERS\cd20xrnt.sys (system) CD-ROM Driver: system32\DRIVERS\cdrom.sys (system) Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start) ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) CmdIde: system32\DRIVERS\cmdide.sys (system) COMMONFX.DLL: system32\COMMONFX.DLL (manual start) COM+ System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Cpqarray: system32\DRIVERS\cpqarray.sys (system) Creative Service for CDROM Access: C:\WINDOWS\system32\CTsvcCDA.EXE (autostart) Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) CT20XUT.DLL: system32\CT20XUT.DLL (manual start) Creative AC3 Software Decoder: System32\drivers\ctac32k.sys (manual start) Creative Audio Driver (WDM): system32\drivers\ctaud2k.sys (manual start) CTAUDFX.DLL: system32\CTAUDFX.DLL (manual start) Creative DVD-Audio Device Driver: System32\drivers\ctdvda2k.sys (manual start) CTEAPSFX.DLL: system32\CTEAPSFX.DLL (manual start) CTEDSPFX.DLL: system32\CTEDSPFX.DLL (manual start) CTEDSPIO.DLL: system32\CTEDSPIO.DLL (manual start) CTEDSPSY.DLL: system32\CTEDSPSY.DLL (manual start) CTERFXFX.DLL: system32\CTERFXFX.DLL (manual start) CTEXFIFX.DLL: system32\CTEXFIFX.DLL (manual start) CTHWIUT.DLL: system32\CTHWIUT.DLL (manual start) Creative Proxy Driver: System32\drivers\ctprxy2k.sys (manual start) CTSBLFX.DLL: system32\CTSBLFX.DLL (manual start) Creative SoundFont Management Device Driver: System32\drivers\ctsfm2k.sys (manual start) dac2w2k: system32\DRIVERS\dac2w2k.sys (system) dac960nt: system32\DRIVERS\dac960nt.sys (system) DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Disk Driver: system32\DRIVERS\disk.sys (system) Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Logical Disk Manager Driver: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start) DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start) dpti2o: system32\DRIVERS\dpti2o.sys (system) Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start) Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start) Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start) Media Center Receiver Service: C:\WINDOWS\eHome\ehRecvr.exe (autostart) Media Center Scheduler Service: C:\WINDOWS\eHome\ehSched.exe (autostart) E-mu Plug-in Architecture Driver: System32\drivers\emupia2k.sys (manual start) ENTECH: \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys (manual start) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Event Log: %SystemRoot%\system32\services.exe (autostart) COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start) FLEXnet Licensing Service: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" (manual start) Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) Windows Presentation Foundation Font Cache 3.0.0.0: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (manual start) Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system) Game Port Enumerator: system32\DRIVERS\gameenum.sys (manual start) gdrv: \??\C:\WINDOWS\gdrv.sys (manual start) GEAR ASPI Filter Driver: system32\drivers\gearaspiwdm.sys (manual start) Google Desktop Manager 5.8.809.23506: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" (manual start) Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start) Google Update Service (gupdate1c9691548ba976c): "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (autostart) Google Software Updater: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (autostart) Creative Hardware Abstract Layer Driver: System32\drivers\ha10kx2k.sys (manual start) Creative P16V HAL Driver: System32\drivers\hap16v2k.sys (manual start) Creative P17V HAL Driver: system32\drivers\hap17v2k.sys (manual start) Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft Infrared HID Driver: system32\DRIVERS\hidir.sys (manual start) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start) Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) hpn: system32\DRIVERS\hpn.sys (system) HSFHWBS2: system32\DRIVERS\HSFHWBS2.sys (manual start) HSF_DP: system32\DRIVERS\HSF_DP.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) i2omp: system32\DRIVERS\i2omp.sys (system) i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system) IAA Event Monitor: C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe (autostart) Intel RAID Controller: system32\drivers\iaStor.sys (system) InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" (manual start) Windows CardSpace: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start) iriver Internet Audio Player IFP-300: system32\DRIVERS\ifp300.sys (system) CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system) IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start) ini910u: system32\DRIVERS\ini910u.sys (system) IntelIde: system32\DRIVERS\intelide.sys (system) Intel Processor Driver: system32\DRIVERS\intelppm.sys (system) IPv6 Windows Firewall Driver: system32\drivers\ip6fw.sys (manual start) IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start) IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start) IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start) iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start) IPSEC driver: system32\DRIVERS\ipsec.sys (system) Infrared bus filter driver for eHome remote controls: system32\DRIVERS\IrBus.sys (manual start) IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start) PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system) ISO CD-ROM Device Driver: \??\C:\Program Files\UltraISO\drivers\ISODrive.sys (system) Java Quick Starter: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" (autostart) Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system) Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system) Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start) Logitech SetPoint Keyboard Driver: system32\DRIVERS\L8042Kbd.sys (manual start) Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) LBeepKE: System32\Drivers\LBeepKE.sys (autostart) Logitech Bluetooth Service: C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (manual start) TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) lmimirr: system32\DRIVERS\lmimirr.sys (manual start) TCP/IP Print Server: %SystemRoot%\system32\tcpsvcs.exe (manual start) Media Center Extender Service: C:\WINDOWS\ehome\mcrdsvc.exe (autostart) Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" (autostart) mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart) Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) MHN: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) MHN driver: system32\DRIVERS\mhndrv.sys (manual start) NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Unimodem Streaming Filter Device: system32\drivers\MODEMCSA.sys (manual start) Mouse Class Driver: system32\DRIVERS\mouclass.sys (system) Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start) mraid35x: system32\DRIVERS\mraid35x.sys (system) WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Microsoft DV Camera and VCR: system32\DRIVERS\msdv.sys (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start) Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start) Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start) Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start) Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start) NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start) Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start) Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start) NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start) Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start) NetBIOS Interface: system32\DRIVERS\netbios.sys (system) NetBios over Tcpip: system32\DRIVERS\netbt.sys (system) Network DDE: %SystemRoot%\system32\netdde.exe (disabled) Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled) Net Logon: %SystemRoot%\system32\lsass.exe (manual start) Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Net.Tcp Port Sharing Service: "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled) 1394 Net Driver: system32\DRIVERS\nic1394.sys (manual start) Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) NMIndexingService: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe" (manual start) NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start) Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) NUID filter driver: system32\DRIVERS\NuidFltr.sys (manual start) nv: system32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Display Driver Service: %SystemRoot%\system32\nvsvc32.exe (autostart) IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start) IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start) Microsoft Office Diagnostics Service: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start) OHCI Compliant IEEE 1394 Host Controller: system32\DRIVERS\ohci1394.sys (system) OMCI WDM Device Driver: system32\DRIVERS\omci.sys (system) Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start) Creative OS Services Driver: system32\drivers\ctoss2k.sys (manual start) Parallel port driver: system32\DRIVERS\parport.sys (manual start) PCI Bus Driver: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) perc2: system32\DRIVERS\perc2.sys (system) perc2hib: system32\DRIVERS\perc2hib.sys (system) Padus ASPI Shell: \??\C:\WINDOWS\system32\drivers\pfc.sys (manual start) Plug and Play: %SystemRoot%\system32\services.exe (autostart) PnkBstrA: C:\WINDOWS\system32\PnkBstrA.exe (autostart) Microsoft IntelliPoint Filter Driver: system32\DRIVERS\point32.sys (manual start) IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart) WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start) Protected Storage: %SystemRoot%\system32\lsass.exe (autostart) QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start) Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) ql1080: system32\DRIVERS\ql1080.sys (system) Ql10wnt: system32\DRIVERS\ql10wnt.sys (system) ql12160: system32\DRIVERS\ql12160.sys (system) ql1240: system32\DRIVERS\ql1240.sys (system) ql1280: system32\DRIVERS\ql1280.sys (system) QuickBooksDB: C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe -hvQuickBooksDB (autostart) Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system) Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start) Direct Parallel: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start) Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start) Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system) Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) BlackBerry Smartphone: System32\Drivers\RimUsb.sys (manual start) RIM Virtual Serial Port v2: system32\DRIVERS\RimSerial.sys (manual start) Microsoft Legacy Modem Driver: System32\Drivers\RootMdm.sys (manual start) Roxio UPnP Renderer 9: "C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe" (manual start) Roxio Upnp Server 9: "C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe" (autostart) LiveShare P2P Server 9: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" (autostart) RoxMediaDB9: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" (manual start) Roxio Hard Drive Watcher 9: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe" (autostart) Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start) Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart) Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start) Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (autostart) Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start) Serial port driver: system32\DRIVERS\serial.sys (system) StarForce Protection Environment Driver (version 1.x): System32\drivers\sfdrv01.sys (system) StarForce Protection Helper Driver (version 2.x): System32\drivers\sfhlp02.sys (system) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiI-3132 SATALink Controller: system32\DRIVERS\SI3132.sys (system) SATALink driver accelerator: system32\DRIVERS\SiWinAcc.sys (system) SIS AGP Bus Filter: system32\DRIVERS\sisagp.sys (system) BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start) Acronis Snapshots Manager (Build 380): system32\DRIVERS\snman380.sys (system) SNMP Service: %SystemRoot%\System32\snmp.exe (autostart) SNMP Trap Service: %SystemRoot%\System32\snmptrap.exe (manual start) Sparrow: system32\DRIVERS\sparrow.sys (system) Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start) Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart) SQL Server VSS Writer: "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" (autostart) System Restore Filter Driver: system32\DRIVERS\sr.sys (system) srescan: system32\ZoneLabs\srescan.sys (system) System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Software Bus Driver: system32\DRIVERS\swenum.sys (manual start) Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{B961CCBB-6B89-4FEA-B07E-37CC5131741E} (manual start) symc810: system32\DRIVERS\symc810.sys (system) symc8xx: system32\DRIVERS\symc8xx.sys (system) symlcbrd: \??\C:\WINDOWS\system32\drivers\symlcbrd.sys (autostart) sym_hi: system32\DRIVERS\sym_hi.sys (system) sym_u3: system32\DRIVERS\sym_u3.sys (system) Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start) Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start) Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system) Acronis Try&Decide and Restore Points filter (build 174): system32\DRIVERS\tdrpm174.sys (system) Terminal Device Driver: system32\DRIVERS\termdd.sys (system) Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Acronis True Image FS Filter: system32\DRIVERS\tifsfilt.sys (autostart) Acronis True Image Backup Archive Explorer: system32\DRIVERS\timntr.sys (system) Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled) TosIde: system32\DRIVERS\toside.sys (system) Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) TVICHW32: \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (manual start) Ulead Burning Helper: C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (autostart) ultra: system32\DRIVERS\ultra.sys (system) Microcode Update Driver: system32\DRIVERS\update.sys (manual start) Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start) Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start) Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start) Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start) USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start) USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start) Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start) VGA Display Controller.: \SystemRoot\System32\drivers\vga.sys (system) VIA AGP Bus Filter: system32\DRIVERS\viaagp.sys (system) ViaIde: system32\DRIVERS\viaide.sys (system) Viewpoint Manager Service: "C:\Program Files\Viewpoint\Common\ViewpointService.exe" (autostart) vsdatant: System32\vsdatant.sys (system) TrueVector Internet Monitor: C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -service (autostart) Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start) Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start) WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start) Wdf01000: system32\DRIVERS\Wdf01000.sys (manual start) Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) winachsf: system32\DRIVERS\HSF_CNXT.sys (manual start) Windows Defender: "C:\Program Files\Windows Defender\MsMpEng.exe" (autostart) Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Live Setup Service: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe" (manual start) Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Windows Media Player Network Sharing Service: "C:\Program Files\Windows Media Player\wmpnetwk.exe" (autostart) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Windows Search: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart) World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start) Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No valueCs found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *No values found* -------------------------------------------------- End of report, 54,190 bytes Report generated in 0.234 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only |
12-Jul-2009, 07:54 AM
#5 | ||||||
| Hi, Welcome to TSG!! Go to add/remove programs and remove these: Java(TM) 6 Update 5 Java(TM) 6 Update 7 WeatherBug Download ATF Cleaner by Atribune.
Click Exit on the Main menu to close the program.  Download Malwarebytes' Anti-Malware from Here.Double Click mbam-setup.exe to install the application.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly. |
12-Jul-2009, 12:40 PM
#6 | |||||||
| Hi cybertech, Thanks for the help with this. I did everything you said. Please let me know what you think... When removing the Java updates, I removed update 13 too by mistake - so I installed the latest (version 14). ATF-Cleaner removed 319 MB Below is the log file from MBAM... So far i have noticed shutting down is much faster (I did a restart after finishing with MBAM - even through it didn't ask for it). The boot up didn't seem to be faster as far as I can tell. I'll try to tell if the machine is running faster or not. Two other things I forgot to mention 1) When I first turn on my system, I get a message about the battery being low (F1 to continue, F2 to go into setup). This message started after I went on vacation for two weeks and thought it would be a good idea to unplug my system. The settings in the BIOS seem fine - as does the date/time. I guess I'll replace it soon. 2) I thought maybe part of being slow was not enough memory for these newer applications (Office 2007, Adobe CS4). So I purchased more memory which will upgrade my system from 2GB to 4GB. I'll probably install that when I change the battery. (The memory is used, but it's the memory Dell recommended for this system). MBAM Log: Malwarebytes' Anti-Malware 1.38 Database version: 2412 Windows 5.1.2600 Service Pack 3 7/12/2009 11:52:51 AM mbam-log-2009-07-12 (11-52-51).txt Scan type: Quick Scan Objects scanned: 114176 Time elapsed: 6 minute(s), 29 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 10 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2b96 d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
12-Jul-2009, 02:04 PM
#7 | ||||||
| It does sound like you need to replace the battery on the motherboard. As for the ram make sure you add only what your machine will see. MSOffice 2007 does use more resources. Please post your hijackthis log again and let me know if you are still having malware problems. |
14-Jul-2009, 12:20 AM
#8 | |||||||
| Well I have not replaced the battery yet or added the RAM... The shutdown speed seems to have been a one time event, it's still slow, may not quite as slow. I even ran ATF Cleaner again, and also MBAM (that came up clean). One other thing to report... Not sure this is a Comcast issue or not, but now at start or restart of the system "ehrecvr.exe" (something to do with updating the TV guide) is taking about 70 to 85% of the CPU time for about 15 minutes. Anyway, I don't think it's related here. Here is the HJT log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:46:08 PM, on 7/13/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\snmp.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Clipomatic\Clipomatic.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\Program Files\Virtual Account Numbers\BhoCitUS.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O2 - BHO: CDelHotkeys Object - {78875F5C-A685-4405-8DC5-D48DC65452B0} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.9.0\ViewBarBHO.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: PicLens plug-in for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\PicLens.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Delicious Toolbar - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKCU\..\Run: [Clipomatic] C:\Program Files\Clipomatic\Clipomatic.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Auto EPSON Stylus Photo R800 on HAL] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI8JA.EXE /FU "C:\WINDOWS\TEMP\E_S378.tmp" /EF "HKCU" O4 - HKCU\..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKUS\S-1-5-21-3881248347-474712985-3267158099-1012\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup (User 'QBDataServiceUser') O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Delicious - {2C887991-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Bookmarks - {2C887992-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Tag - {2C887993-08F0-11DC-A9B2-0012F0B227DD} - C:\Program Files\Delicious Add-on for Internet Explorer\DeliciousExtension.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Virtual Account Numbers - {DE700910-58F7-4D2E-B7E6-3BA2DA1B6806} - C:\PROGRA~1\VIRTUA~2\CitiVAN.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} - http://moneycentral.msn.com/cabs/pmupd806.exe O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/tech...rl/tgctlsi.cab O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...rl/tgctlsr.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/14.21/uploader2.cab O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedIn...derControl.cab O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/...veXClient1.cab O16 - DPF: {4F18FFF5-85B9-4378-A1B4-06743830EC70} (WAPUploaderAX Class) - https://www.web-a-photo.com/WebaphotoUploaderXP.cab O16 - DPF: {5879B3B0-566E-4ECB-9B77-9A8A5E62AAB8} - http://www.blackberry.com/DST2007/pa...eLoaderUSB.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120535075859 O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/inst...l/pinstall.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1140694947812 O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://74.92.3.186:8095/activex/AMC.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab O16 - DPF: {FA9740A2-5802-42E2-B509-81186EEB3C42} (WABControl Class) - https://www.linkedin.com/cab/wabctrl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B61F343D-A618-4235-AB44-8D1FD878F972}: NameServer = 68.87.71.226,68.87.73.242 O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c9691548ba976c) (gupdate1c9691548ba976c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: QuickBooksDB - Intuit, Inc. - C:\PROGRA~1\Intuit\QUICKB~2\QBDBMgrN.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe -- End of file - 20257 bytes THANKS! |
14-Jul-2009, 07:21 PM
#9 | ||||||
| Run HJT again and put a check in the following: R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab Close all applications and browser windows before you click "fix checked". Since you mentioned Comcast... are you aware of the new "Comcast Domain Helper service"? I would remove the Google stuff also. If you like it you can put it back but I would test the system without it. Go to add/remove programs and remove these if you did not install them. These programs are known as Foistware ViewpointService Viewpoint Manager Post back and let me know if anything we have done is making an improvement. |
28-Jul-2009, 02:32 PM
#10 | |||||||
| Sorry for not getting back in such a long time. Cybertech - thank you so much for your help. I don't think it was any one thing that worked. I did everything you said and my system is quite a bit faster now. I think the biggest improvement came after running the Malwarebytes program. But I really do think it was everything - including adding extra RAM. Again Thanks and I'll mark this as resolved. \Dave |
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
| Tags |
hjt included, slow system  |
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
