Results 1 to 8 of 8

Thread: Scan won't complete

  1. #1
    Junior Member
    Join Date
    Sep 2008
    Posts
    24

    Default Scan won't complete

    Hi Shaba,
    Sorry I went awol. It was something beyond my
    control.
    There is still problems although spybot says it has fixed them. It also says there are 131 files in use that it can't scan.
    My Pc runs really slow and occasionally the screen freezes . I can't install my camera and a few other things.
    Often it takes forever to shut down.
    Thanks for all your help.
    http://forums.spybot.info/showthread...726#post237726

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:43:19, on 30/09/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16711)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 82.42.114.142:80
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-601252038-2523710552-1362228774-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'laura')
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
    O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe

    --
    End of file - 7829 bytes

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi cally2

    Please post next spybot report
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Junior Member
    Join Date
    Sep 2008
    Posts
    24

    Default

    Thanks Again Shaba






    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-09-16 TeaTimer.exe (1.6.3.25)
    2008-09-16 unins000.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-09-15 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-09-02 Includes\Adware.sbi (*)
    2008-09-09 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-09-02 Includes\Dialer.sbi (*)
    2008-09-09 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-09-02 Includes\Hijackers.sbi (*)
    2008-09-02 Includes\HijackersC.sbi (*)
    2008-09-09 Includes\Keyloggers.sbi (*)
    2008-09-30 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-09-09 Includes\Malware.sbi (*)
    2008-09-30 Includes\MalwareC.sbi (*)
    2008-09-02 Includes\PUPS.sbi (*)
    2008-09-11 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-09-30 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-09-09 Includes\Spyware.sbi (*)
    2008-09-23 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti (*)
    2008-09-30 Includes\Trojans.sbi (*)
    2008-09-30 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll



    --- System information ---
    Windows Vista (Build: 6001) Service Pack 1 (6.0.6001)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
    / MSXML4SP2: Security update for MSXML4 SP2 (KB941833)


    --- Startup entries list ---
    Located: HK_LM:Run, IAAnotif
    command: "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    file: C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    size: 178712
    MD5: EC9B27B37D8E9D361C38E8D364F09611

    Located: HK_LM:Run, IgfxTray
    command: C:\Windows\system32\igfxtray.exe
    file: C:\Windows\system32\igfxtray.exe
    size: 142104
    MD5: 4E2D21A49F49C53EF63120C03E97C302

    Located: HK_LM:Run, iTunesHelper
    command: "C:\Program Files\iTunes\iTunesHelper.exe"
    file: C:\Program Files\iTunes\iTunesHelper.exe
    size: 267048
    MD5: 04A9F0C58B170F30445BCC0683EF9FFC

    Located: HK_LM:Run, Malwarebytes Anti-Malware (reboot)
    command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    size: 1253040
    MD5: E9984A477F34E2EC05C35D0A84A34BA1

    Located: HK_LM:Run, Monitor
    command: C:\Windows\PixArt\PAC207\Monitor.exe
    file: C:\Windows\PixArt\PAC207\Monitor.exe
    size: 319488
    MD5: 72334F906C2E2B002CDD2FF9022FD957

    Located: HK_LM:Run, SoundMAXPnP
    command: C:\Program Files\Analog Devices\Core\smax4pnp.exe
    file: C:\Program Files\Analog Devices\Core\smax4pnp.exe
    size: 1282048
    MD5: 81AC5268574856C96D83C4519446864A

    Located: HK_LM:Run, SunJavaUpdateSched
    command: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    file: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    size: 144784
    MD5: 6AB4C021FBD36DC6764924C312428D97

    Located: HK_LM:Run, Windows Defender
    command: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    file: C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E

    Located: HK_LM:Run, WPCUMI
    command: C:\Windows\system32\WpcUmi.exe
    file: C:\Windows\system32\WpcUmi.exe
    size: 176128
    MD5: C456658AF90F42BE3CDF1048F9CDB5CA

    Located: HK_CU:Run, Sidebar
    where: S-1-5-19...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-19...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, Sidebar
    where: S-1-5-20...
    command: %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
    file: C:\Program Files\Windows Sidebar\Sidebar.exe
    size: 1233920
    MD5: FD278E51A7D6F52D22FCE6C67E037AD6

    Located: HK_CU:Run, WindowsWelcomeCenter
    where: S-1-5-20...
    command: rundll32.exe oobefldr.dll,ShowWelcomeCenter
    file: C:\Windows\system32\oobefldr.dll
    size: 2153472
    MD5: 83E4A5435B0FA6AD0166722621A04725

    Located: HK_CU:Run, HijackThis startup scan
    where: S-1-5-21-601252038-2523710552-1362228774-1000...
    command: C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
    file: C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    size: 396288
    MD5: C4CA7416A6DF6D95075F81D9E3B41AD1

    Located: HK_CU:Run, swg
    where: S-1-5-21-601252038-2523710552-1362228774-1000...
    command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    size: 171448
    MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A

    Located: WinLogon, igfxcui
    command: igfxdev.dll
    file: igfxdev.dll
    size: 0
    MD5: D41D8CD98F00B204E9800998ECF8427E
    Warning: if the file is actually larger than 0 bytes,
    the checksum could not be properly calculated!



    --- Browser helper object list ---
    {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Spybot-S&D IE Protection
    description: Spybot-S&D IE Browser plugin
    classification: Legitimate
    known filename: SDhelper.dll
    info link: http://spybot.eon.net.au/
    info source: Patrick M. Kolla
    Path: C:\PROGRA~1\SPYBOT~1\
    Long name: SDHelper.dll
    Short name:
    Date (created): 16/09/2008 19:18:20
    Date (last access): 01/10/2008 21:18:38
    Date (last write): 15/09/2008 14:25:44
    Filesize: 1562960
    Attributes: readonly hidden sysfile archive
    MD5: 35F73F1936BDE91F1B6995510A61E7A8
    CRC32: BE6A5D15
    Version: 1.6.2.14

    {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (Yahoo! IE Services Button)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Yahoo! IE Services Button
    Path: C:\Program Files\Yahoo!\Common\
    Long name: yiesrvc.dll
    Short name:
    Date (created): 12/12/2007 23:09:42
    Date (last access): 15/04/2008 17:55:20
    Date (last write): 12/12/2007 23:09:42
    Filesize: 222448
    Attributes: archive
    MD5: BBDE3B4ACB928F30A35DBA4DD11564E1
    CRC32: F07520BB
    Version: 2007.12.12.1

    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} (NCO 2.0 IE BHO)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: NCO 2.0 IE BHO
    CLSID name:
    Path: C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\
    Long name: CoIEPlg.dll
    Short name:
    Date (created): 02/07/2008 01:35:48
    Date (last access): 02/07/2008 01:35:48
    Date (last write): 30/06/2008 13:44:04
    Filesize: 349552
    Attributes: archive
    MD5: 3063C05D9CA51D9BB47830BD04A19766
    CRC32: CBCA0ED1
    Version: 2008.2.7.7

    {6D53EC84-6AAE-4787-AEEE-F4628F01010C} (Symantec Intrusion Prevention)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name: Symantec Intrusion Prevention
    CLSID name: Symantec Intrusion Prevention
    Path: C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
    Long name: IPSBHO.dll
    Short name:
    Date (created): 24/04/2008 16:41:02
    Date (last access): 24/04/2008 16:41:02
    Date (last write): 24/04/2008 16:41:02
    Filesize: 116088
    Attributes: archive
    MD5: 317FC88BDD45DD92A4A8A6C1F7963EF3
    CRC32: 00F465C4
    Version: 8.2.0.81

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: SSVHelper Class
    Path: C:\Program Files\Java\jre1.6.0_07\bin\
    Long name: ssv.dll
    Short name:
    Date (created): 24/07/2008 02:22:36
    Date (last access): 10/06/2072 02:32:34
    Date (last write): 10/06/2008 04:27:02
    Filesize: 509328
    Attributes: archive
    MD5: F921D875A1CBD69A6A462BA2514BC831
    CRC32: 38AC9EE2
    Version: 6.0.70.6

    {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    BHO name:
    CLSID name: Google Toolbar Helper
    description: Google toolbar
    classification: Open for discussion
    known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
    info link: http://toolbar.google.com/
    info source: TonyKlein
    Path: c:\program files\google\
    Long name: GoogleToolbar1.dll
    Short name: GOOGLE~1.DLL
    Date (created): 27/06/2008 18:01:42
    Date (last access): 27/06/2008 18:01:42
    Date (last write): 27/06/2008 18:01:42
    Filesize: 2403392
    Attributes: readonly archive
    MD5: 6319F2D4708DBCAE37CFA03DA10782C0
    CRC32: D51D8296
    Version: 4.0.1601.4978



    --- ActiveX list ---


    --- Process list ---
    PID: 2244 (1008) C:\Windows\system32\taskeng.exe
    size: 169472
    MD5: 5F109032CE46B7184ED9E50F9FE8489E
    PID: 3108 ( 992) C:\Windows\system32\Dwm.exe
    size: 81920
    MD5: 59903071D7ACE6A02093C47E9E38AF97
    PID: 2272 (3036) C:\Windows\Explorer.EXE
    size: 2927104
    MD5: FFA764631CB70A30065C12EF8E174F9F
    PID: 1728 (2272) C:\Program Files\Windows Defender\MSASCui.exe
    size: 1008184
    MD5: 0D392EDE3B97E0B3131B2F63EF1DB94E
    PID: 3524 (2272) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    size: 178712
    MD5: EC9B27B37D8E9D361C38E8D364F09611
    PID: 1356 (2272) C:\Program Files\iTunes\iTunesHelper.exe
    size: 267048
    MD5: 04A9F0C58B170F30445BCC0683EF9FFC
    PID: 2164 (2272) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    size: 144784
    MD5: 6AB4C021FBD36DC6764924C312428D97
    PID: 2932 (2272) C:\Windows\PixArt\Pac207\Monitor.exe
    size: 319488
    MD5: 72334F906C2E2B002CDD2FF9022FD957
    PID: 2292 (2272) C:\Windows\System32\wpcumi.exe
    size: 176128
    MD5: C456658AF90F42BE3CDF1048F9CDB5CA
    PID: 3472 (2272) C:\Program Files\Analog Devices\Core\smax4pnp.exe
    size: 1282048
    MD5: 81AC5268574856C96D83C4519446864A
    PID: 724 (2272) C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    size: 171448
    MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A
    PID: 4044 ( 780) C:\Windows\system32\wbem\unsecapp.exe
    size: 37888
    MD5: 25873356E52849C3F5B3F1B02317E8C8
    PID: 3344 (3636) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    size: 4891472
    MD5: 3B1B5D09D3C9C4CD39D4DB06ED7A0855
    PID: 3800 (2244) C:\Windows\System32\wsqmcons.exe
    size: 192000
    MD5: E8B0A9ECB76AAA0C3519E16F34A49858
    PID: 0 ( 0) [System Process]
    PID: 4 ( 0) System
    PID: 400 ( 4) smss.exe
    size: 64000
    PID: 468 ( 456) csrss.exe
    size: 6144
    PID: 508 ( 500) csrss.exe
    size: 6144
    PID: 516 ( 456) wininit.exe
    size: 96768
    PID: 556 ( 500) winlogon.exe
    size: 314880
    PID: 592 ( 516) services.exe
    size: 279040
    PID: 608 ( 516) lsass.exe
    size: 9728
    PID: 616 ( 516) lsm.exe
    size: 229888
    PID: 780 ( 592) svchost.exe
    size: 21504
    PID: 840 ( 592) svchost.exe
    size: 21504
    PID: 876 ( 592) svchost.exe
    size: 21504
    PID: 964 ( 592) svchost.exe
    size: 21504
    PID: 992 ( 592) svchost.exe
    size: 21504
    PID: 1008 ( 592) svchost.exe
    size: 21504
    PID: 1124 ( 964) audiodg.exe
    size: 88064
    PID: 1176 ( 592) SLsvc.exe
    size: 2623488
    PID: 1216 ( 592) svchost.exe
    size: 21504
    PID: 1408 ( 592) svchost.exe
    size: 21504
    PID: 1616 ( 592) spoolsv.exe
    size: 125952
    PID: 1640 ( 592) ccSvcHst.exe
    PID: 1828 ( 592) svchost.exe
    size: 21504
    PID: 1332 ( 592) AppleMobileDeviceService.exe
    PID: 1404 ( 592) ASFAgent.exe
    PID: 836 ( 592) atchksrv.exe
    PID: 1524 ( 592) mDNSResponder.exe
    PID: 1132 ( 592) IAANTmon.exe
    PID: 2036 ( 592) LMS.exe
    PID: 2080 ( 592) svchost.exe
    size: 21504
    PID: 2100 ( 592) svchost.exe
    size: 21504
    PID: 2144 ( 592) UNS.exe
    PID: 2300 ( 592) svchost.exe
    size: 21504
    PID: 2356 ( 592) SearchIndexer.exe
    size: 302080
    PID: 3276 (1008) taskeng.exe
    size: 169472
    PID: 1252 ( 592) AluSchedulerSvc.exe
    PID: 2892 ( 592) wmpnetwk.exe
    PID: 408 ( 780) WmiPrvSE.exe
    PID: 2352 ( 592) iPodService.exe
    PID: 3120 (1356) C:\Program Files\iTunes\iTunes.exe
    size: 20638504
    MD5: 5358317E8FB5DEF1C6CB0BD06671F275
    PID: 2704 (3120) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    size: 141048
    MD5: 1033CFD72852C1DD1DFBC605358B17D5
    PID: 2712 (2704) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    size: 14864
    MD5: 69591862E9077A9574E4F09FA0B9F452
    PID: 3856 (2272) C:\Program Files\Mozilla Firefox\firefox.exe
    size: 307712
    MD5: A6D64056AD6CA84534143757FD782D7A
    PID: 3360 (2356) C:\Windows\system32\SearchFilterHost.exe
    size: 76800
    MD5: A9092E71A164A3AE1ACC517809AFEB27
    PID: 3480 (2356) SearchProtocolHost.exe
    size: 179200


    --- Browser start & search pages list ---
    Spybot - Search & Destroy browser pages report, 01/10/2008 21:56:38

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
    C:\Windows\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
    http://go.microsoft.com/fwlink/?LinkId=54896
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
    http://go.microsoft.com/fwlink/?LinkId=69157
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
    http://go.microsoft.com/fwlink/?LinkId=54896


    --- Winsock Layered Service Provider list ---
    Protocol 0: Parental Controls LSP over [MSAFD Tcpip [TCP/IP]]
    GUID: {04214806-EDA8-4B65-9ECD-C567270DDE19}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 1: Parental Controls LSP over [MSAFD Tcpip [UDP/IP]]
    GUID: {FC466A16-9501-4521-9714-BD33319B635D}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 2: Parental Controls LSP over [MSAFD Tcpip [TCP/IPv6]]
    GUID: {7B82C388-66CD-4015-8EF6-E73F5DC7E5E2}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 3: Parental Controls LSP over [MSAFD Tcpip [UDP/IPv6]]
    GUID: {A12B577C-3103-45A7-B602-1DE95E885E26}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 4: Parental Controls LSP over [RSVP TCPv6 Service Provider]
    GUID: {6E91A474-7CAE-45A7-AB6A-2F6BBF40F3D8}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 5: Parental Controls LSP over [RSVP TCP Service Provider]
    GUID: {08165FAB-CA55-455B-A321-C58339AA853B}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 6: Parental Controls LSP over [RSVP UDPv6 Service Provider]
    GUID: {F934A32F-C13F-4183-B976-AD1091F4A05C}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 7: Parental Controls LSP over [RSVP UDP Service Provider]
    GUID: {F6038393-B66E-4A06-989A-FE16B62D580A}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 8: MSAFD Tcpip [TCP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 9: MSAFD Tcpip [UDP/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 10: MSAFD Tcpip [RAW/IP]
    GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IP protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 11: MSAFD Tcpip [TCP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 12: MSAFD Tcpip [UDP/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 13: MSAFD Tcpip [RAW/IPv6]
    GUID: {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP IPv6 protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Tcpip[*]

    Protocol 14: RSVP TCPv6 Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 15: RSVP TCP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 16: RSVP UDPv6 Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 17: RSVP UDP Service Provider
    GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP RVSP
    DB filename: %SystemRoot%\system32\rsvpsp.dll
    DB protocol: RSVP * Service Provider

    Protocol 18: MSAFD Irda [IrDA]
    GUID: {3972523D-2AF1-11D1-B655-00805F3642CC}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Infrared protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD Irda [IrDA]

    Protocol 19: Parental Controls LSP
    GUID: {572F18CF-62F6-4456-BE0E-AF2D8FDBCE0B}
    Filename: C:\Windows\system32\wpclsp.dll

    Protocol 20: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E9539B5A-FFA0-4299-8082-323F1D90AF90}] SEQPACKET 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 21: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E9539B5A-FFA0-4299-8082-323F1D90AF90}] DATAGRAM 0
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 22: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{82890BB3-C89E-470A-9497-F0AB75CCD42D}] SEQPACKET 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 23: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{82890BB3-C89E-470A-9497-F0AB75CCD42D}] DATAGRAM 2
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 24: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7B1D5BB7-B220-4C2B-B00D-8987A218A9F7}] SEQPACKET 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 25: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{7B1D5BB7-B220-4C2B-B00D-8987A218A9F7}] DATAGRAM 3
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 26: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{CA58870E-CF51-4881-B4AB-0559CF77E31D}] SEQPACKET 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 27: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{CA58870E-CF51-4881-B4AB-0559CF77E31D}] DATAGRAM 4
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 28: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{2356AE08-4F08-4D0E-A1FF-52CBBF930840}] SEQPACKET 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 29: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{2356AE08-4F08-4D0E-A1FF-52CBBF930840}] DATAGRAM 5
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 30: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{E9539B5A-FFA0-4299-8082-323F1D90AF90}] SEQPACKET 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Protocol 31: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{E9539B5A-FFA0-4299-8082-323F1D90AF90}] DATAGRAM 1
    GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
    Filename: %SystemRoot%\system32\mswsock.dll
    Description: Microsoft Windows NT/2k/XP NetBios protocol
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: MSAFD NetBIOS *

    Namespace Provider 0: Network Location Awareness Legacy (NLAv1) Namespace
    GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
    Filename:
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: NLA-Namespace

    Namespace Provider 1: E-mail Naming Shim Provider
    GUID: {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE}
    Filename:

    Namespace Provider 2: PNRP Cloud Namespace Provider
    GUID: {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 3: PNRP Name Namespace Provider
    GUID: {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D}
    Filename:

    Namespace Provider 4: mdnsNSP
    GUID: {B600E6E9-553B-4A19-8696-335E5C896153}
    Filename: C:\Program Files\Bonjour\mdnsNSP.dll
    Description: Apple Rendezvous protocol
    DB filename: %ProgramFiles%\Rendezvous\bin\mdnsNSP.dll
    DB protocol: mdnsNSP

    Namespace Provider 5: Tcpip
    GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
    Filename:
    Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
    DB filename: %SystemRoot%\system32\mswsock.dll
    DB protocol: TCP/IP

    Namespace Provider 6: NTDS
    GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
    Filename: %SystemRoot%\System32\winrnr.dll
    Description: Microsoft Windows NT/2k/XP name space provider
    DB filename: %SystemRoot%\system32\winrnr.dll
    DB protocol: NTDS

  4. #4
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    That looks like to be ok.

    For general slowness, see here and post back if it helped
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #5
    Junior Member
    Join Date
    Sep 2008
    Posts
    24

    Default

    Thanks Shaba .It is much improved .
    Thanks for all your help. Your a star.
    One thing .I cannot restore to an earlier date.It goes through the motions but after restart it says that it hasnt been restored because of an error .Any Ideas ?

    thanks

  6. #6
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Looks like system restore is corrupted.

    This should help.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  7. #7
    Junior Member
    Join Date
    Sep 2008
    Posts
    24

    Default

    thanks shaba xx

  8. #8
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

    Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •