IE Closes & Products keep being cked to ignore in scan and slow

Continuation from prior post of the WinPFind3 logfile

1st Continuation from prior post of the WinPFind3 logfile

WinPFind3 logfile created on: 1/4/2007 12:53:05 PM
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [] -> Safer Networking Limited [Ver = 1, 4, 0, 0 | Size = 853672 bytes | Modified Date = 5/31/2005 12:04:00 AM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [UberButton Class] -> Yahoo! [Ver = 2005, 5, 26, 1 | Size = 181352 bytes | Modified Date = 5/26/2005 10:38:44 AM | Attr = ]
{65D886A2-7CA7-479B-BB95-14D1EFB7946A} [HKLM] -> %ProgramFiles%\Yahoo!\Common\YIeTagBm.dll [YahooTaggedBM Class] -> Yahoo! Inc. [Ver = 2005, 1, 24, 1 | Size = 115832 bytes | Modified Date = 1/24/2005 8:55:32 AM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_09\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %SystemDrive%\PROGRA~1\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> %SystemDrive%\PROGRA~1\Yahoo!\Common\yhexbmesus.dll [&Yahoo! Messenger] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} [HKLM] -> %SystemDrive%\hp\EXPLOREBAR\HPTOOLKT.DLL [hp toolkit] -> Hewlett-Packard Company [Ver = 1.0.0.3 | Size = 86016 bytes | Modified Date = 6/4/2002 11:03:12 PM | Attr = ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 8:54:42 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> %ProgramFiles%\Google\googletoolbar2.dll [&Google] -> Google Inc. [Ver = 4, 0, 1020, 2544 | Size = 2108480 bytes | Modified Date = 10/12/2006 10:38:04 AM | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2005, 8, 4, 2 | Size = 343112 bytes | Modified Date = 8/4/2005 8:54:42 PM | Attr = ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8193 - Sun Java Console ->
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> 8194 - Reg Data - Value does not exist ->
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> 8195 - Reg Data - Value does not exist ->
{DECDBEEF-D3AD-B3EF-DE4D-B3EFDEADB3EF} -> 8196 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8197 - Windows Messenger ->
NextId -> 8198 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_09\bin\npjpi150_09.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 69746 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_09\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> Reg Data - Value does not exist [ButtonText: Yahoo! Services] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -> %ProgramFiles%\AIM\aim.exe [ButtonText: AIM] -> America Online, Inc. [Ver = 5.9.3861 | Size = 67160 bytes | Modified Date = 8/5/2005 2:08:26 PM | Attr = ]
{DECDBEEF-D3AD-B3EF-DE4D-B3EFDEADB3EF} -> %ProgramFiles%\BellSouth\Communications Suite\BstMessenger.exe [ButtonText: Messenger] -> BellSouth [Ver = 3, 1, 1918, 0 | Size = 114688 bytes | Modified Date = 8/30/2004 11:06:18 PM | Attr = ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
&Copy Location -> %SystemRoot%\Web\graburl.htm -> [Ver = | Size = 281 bytes | Modified Date = 2/18/1999 1:52:42 PM | Attr = ]
&Yahoo! Search -> %ProgramFiles%\Yahoo!\Common\YCSRCH.HTM -> [Ver = | Size = 605 bytes | Modified Date = 6/3/2005 6:07:38 PM | Attr = ]
Yahoo! &Dictionary -> %ProgramFiles%\Yahoo!\Common\YCDICT.HTM -> [Ver = | Size = 616 bytes | Modified Date = 6/3/2005 6:07:16 PM | Attr = ]
Yahoo! &Maps -> %ProgramFiles%\Yahoo!\Common\ycmap.htm -> [Ver = | Size = 690 bytes | Modified Date = 6/3/2005 6:07:44 PM | Attr = ]
Yahoo! &SMS -> %ProgramFiles%\Yahoo!\Common\YCsms.htm -> [Ver = | Size = 1006 bytes | Modified Date = 8/1/2005 5:43:00 PM | Attr = ]
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer] -> NVIDIA Corporation [Ver = 6.13.10.2942 | Size = 331847 bytes | Modified Date = 5/3/2002 6:06:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> %System32%\nvshell.dll [Desktop Explorer Menu] -> NVIDIA Corporation [Ver = 6.13.10.2942 | Size = 331847 bytes | Modified Date = 5/3/2002 6:06:00 PM | Attr = ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Display Panning CPL Extension] -> File not found
{51550900-DCAC-11d4-AA0F-0080C87C465B} [HKLM] -> %ProgramFiles%\Labtec Wireless Desktop\CPDll.dll [WayTech MultiMouse] -> [Ver = | Size = 344064 bytes | Modified Date = 2/12/2004 7:18:00 PM | Attr = ]
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> %ProgramFiles%\Yahoo!\Common\ymmapi20041123.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 11, 23, 1 | Size = 180848 bytes | Modified Date = 11/23/2004 8:59:58 AM | Attr = ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %System32%\dla\tfswshx.dll [DriveLetterAccess] -> VERITAS Software, Inc. [Ver = 1.03.37a | Size = 81972 bytes | Modified Date = 7/16/2002 9:03:00 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/18/2001 6:00:00 AM | Attr = ]
{955B7B84-5308-419c-8ED8-0B9CA3C56985} [HKLM] -> %CommonProgramFiles%\aolshare\shell\us\shellext.dll [America Online] -> America Online, Inc. [Ver = 1, 0, 0, 1 | Size = 106496 bytes | Modified Date = 10/25/2001 6:40:38 PM | Attr = H ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 10/28/2006 4:14:14 PM | Attr = ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 10/28/2006 4:14:14 PM | Attr = ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2004 | Size = 49198 bytes | Modified Date = 5/6/2005 1:05:08 AM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 5:40:48 AM | Attr = ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 10/28/2006 4:14:14 PM | Attr = ]
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> %ProgramFiles%\Yahoo!\Common\ymmapi20041123.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 11, 23, 1 | Size = 180848 bytes | Modified Date = 11/23/2004 8:59:58 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{8934FCEF-F5B8-468f-951F-78A921CD3920} [HKLM] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\context.dll [AVG Anti-Spyware] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 49 | Size = 98304 bytes | Modified Date = 10/6/2006 5:40:48 AM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} [HKLM] -> %System32%\igfxpph.dll [igfxcui] -> Intel Corporation [Ver = 3,0,0,1607 | Size = 200704 bytes | Modified Date = 5/15/2002 4:28:20 AM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 10/28/2006 4:14:14 PM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 1:20:02 AM | Attr = ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
MathPlayer 2.0 -> ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{540ACAF4-5F3C-497E-A04D-266BA7B4FB96} -> (Realtek RTL8139 Family PCI Fast Ethernet NIC) ->
{FC0BE571-B8BA-4D24-9160-A1FF74A180F0} -> () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
belarc -> %ProgramFiles%\Belarc\Advisor\System\BAVoilaX.dll -> Belarc, Inc. [Ver = 6.0m | Size = 36864 bytes | Modified Date = 11/17/2003 10:36:10 AM | Attr = ]
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\
application/xhtml+xml -> %ProgramFiles%\Design Science\MathPlayer\MathMLMimer.dll -> Design Science, Inc. [Ver = 2004.8.26.0 | Size = 168015 bytes | Modified Date = 8/26/2004 4:59:40 PM | Attr = ]
text/xml -> %ProgramFiles%\Design Science\MathPlayer\MathMLMimer.dll -> Design Science, Inc. [Ver = 2004.8.26.0 | Size = 168015 bytes | Modified Date = 8/26/2004 4:59:40 PM | Attr = ]
text/xml; charset=iso-8859-1 -> %ProgramFiles%\Design Science\MathPlayer\MathMLMimer.dll -> Design Science, Inc. [Ver = 2004.8.26.0 | Size = 168015 bytes | Modified Date = 8/26/2004 4:59:40 PM | Attr = ]
text/xml; charset=utf-8 -> %ProgramFiles%\Design Science\MathPlayer\MathMLMimer.dll -> Design Science, Inc. [Ver = 2004.8.26.0 | Size = 168015 bytes | Modified Date = 8/26/2004 4:59:40 PM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{00B71CFB-6864-4346-A978-C0A14556272C} -> Checkers Class - CodeBase = http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab ->
{01113300-3E00-11D2-8470-0060089874ED} -> Support.com Configuration Class - CodeBase = http://support.fastaccess.com/sdccommon/download/tgctlcm.cab ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} -> QuickTime Object - CodeBase = http://www.apple.com/qtactivex/qtplugin.cab ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -> CKAVWebScan Object - CodeBase = http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab ->
{17492023-C23A-453E-A040-C7C580BBF700} -> Windows Genuine Advantage Validation Tool - CodeBase = http://go.microsoft.com/fwlink/?linkid=39204 ->
{200B3EE9-7242-4EFD-B1E4-D97EE825BA53} -> VerifyGMN Class - CodeBase = http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} -> Trend Micro ActiveX Scan Agent 6.6 - CodeBase = http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab ->
{2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} -> DownloadManager Control - CodeBase = http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.3.1.cab ->
{2B323CD9-50E3-11D3-9466-00A0C9700498} -> Yahoo! Audio Conferencing - CodeBase = http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab ->
{32505657-9980-0010-8000-00AA00389B71} -> - CodeBase = http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab ->
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -> - CodeBase = http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab ->
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} -> MSN Photo Upload Tool - CodeBase = http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162326797656 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -> MessengerStatsClient Class - CodeBase = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab ->
{9A54032D-31F7-400D-B184-83B33BDE65FA} -> MSN File Upload Control - CodeBase = http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab ->
{A17E30C4-A9BA-11D4-8673-60DB54C10000} -> YahooYMailTo Class - CodeBase = http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll ->
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09} -> Get_ActiveX Control - CodeBase = https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx ->
{B9191F79-5613-4C76-AA2A-398534BB8999} -> YAddBook Class - CodeBase = http://download.yahoo.com/dl/mail/autocomplete.cab ->
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} -> - CodeBase = http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} -> Shockwave Flash Object - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} -> iTunesDetector Class - CodeBase = http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab ->
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} -> McFreeScan Class - CodeBase = http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4329/mcfscan.cab ->
{F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} -> MSN Chat Control 4.5 - CodeBase = http://chat.msn.com/controls/msnchat45.cab ->
Microsoft XML Parser for Java -> - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->
Yahoo! Chat -> - CodeBase = http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab ->

WinPFind3 logfile continued on next posting
 
2nd Continuation from prior post of the WinPFind3 logfile

2nd Continuation from prior post of the WinPFind3 logfile ***********
WinPFind3 logfile created on: 1/4/2007 12:53:05 PM

[Files - Created Wihin 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 266391552 bytes | Created Date = 1/1/1601 6:00:00 AM | Attr = HS]
igfxres.dll -> %System32%\igfxres.dll -> Intel Corporation [Ver = 3,0,0,1607 | Size = 151552 bytes | Created Date = 12/30/2006 1:25:27 PM | Attr = ]

[Files - Modified Wihin 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 266391552 bytes | Modified Date = 1/4/2007 11:13:48 AM | Attr = HS]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 1/4/2007 11:13:52 AM | Attr = S]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1355 bytes | Modified Date = 1/1/2007 8:19:00 AM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 12/30/2006 5:45:48 PM | Attr = H ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 1/1/2007 8:19:10 AM | Attr = ]

[File String Scan - Non-Microsoft Only]
abetterinternet.com , web-nex , ad-w-a-r-e.com , -> %SystemDrive%\AVG7QT.DAT -> [Ver = | Size = 11929475 bytes | Modified Date = 10/28/2006 6:02:58 PM | Attr = ]
UPX0 , -> %SystemDrive%\WPO2002SP3.exe -> [Ver = | Size = 87708691 bytes | Modified Date = 5/16/2005 11:05:14 PM | Attr = ]
Thawte Consulting , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 10/12/2006 3:41:56 AM | Attr = ]
USERTRUST , -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 10/12/2006 3:41:58 AM | Attr = ]
FSG! , -> %CommonProgramFiles%\Microsoft Shared\Shoebox\standard.SBT -> [Ver = | Size = 19954310 bytes | Modified Date = 8/8/2000 2:00:00 PM | Attr = ]
PECompact2 , -> %SystemRoot%\LPT$VPN.170 -> [Ver = | Size = 9706936 bytes | Modified Date = 9/10/2004 5:10:38 AM | Attr = ]
qoologic , abetterinternet.com , -> %SystemRoot%\ngkkae.dll -> [Ver = | Size = 3690 bytes | Modified Date = 11/29/2004 6:44:56 AM | Attr = ]
PECompact2 , -> %SystemRoot%\VPTNFILE.170 -> [Ver = | Size = 9706936 bytes | Modified Date = 9/10/2004 5:10:38 AM | Attr = ]
UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 7.000-1004 | Size = 1036800 bytes | Modified Date = 8/19/2004 11:54:46 AM | Attr = ]
WSUD , -> %SystemRoot%\webshots.bmp -> [Ver = | Size = 1440054 bytes | Modified Date = 3/25/2004 12:30:30 PM | Attr = ]
WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.34 | Size = 16121856 bytes | Modified Date = 9/20/2004 3:20:44 PM | Attr = ]
PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41399 bytes | Modified Date = 8/23/2004 6:47:40 PM | Attr = ]
SAHAgent , -> %System32%\e0fv57mo.ini -> [Ver = | Size = 3485 bytes | Modified Date = 6/3/2005 5:49:24 AM | Attr = ]
SAHAgent , -> %System32%\ol3rvrrg.ini -> [Ver = | Size = 35 bytes | Modified Date = 6/3/2005 2:01:52 AM | Attr = ]
Thawte Consulting , -> %System32%\VXBLOCK.dll -> Sonic Solutions [Ver = 1.00.69a | Size = 38568 bytes | Modified Date = 8/14/2006 10:43:24 AM | Attr = ]
winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/18/2001 6:00:00 AM | Attr = ]
WSUD , UPX0 , -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/18/2001 6:00:00 AM | Attr = ]
UPX! , FSG! , PEC2 , aspack , -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 11/1/2006 10:56:16 PM | Attr = ]
PTech , -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/3/2004 11:41:38 PM | Attr = ]

< End of report >
THE END
 
Hi and sorry for the delay :)

OK there was something...

Go to virustotal.com
Copy the following to the box next to "Browse" button:
C:\WINDOWS\ngkkae.dll
Click on Send
Wait for the scan to end.

Copy & Paste the scan results to here.

Download F-Secure Blacklight and save it to your desktop.

Doubleclick blbeta.exe, accept the agreement, click Scan, then click Next

You'll see a list what have been found. A log will appear to your desktop, it is named fsbl.xxxxxxx.log (xxxxxxx will be random numbers).

DON'T choose Rename if something was found!

Post the contents of fsbl.xxxx.log to here (blacklight log from your desktop)
 
My "VirusTotal" and "F-Secure Blacklight" Scans

My "VirusTotal"

Complete scanning result of "ngkkae.dll", received in VirusTotal at 01.06.2007, 05:09:56 (CET).

Antivirus Version Update Result
AntiVir 7.3.0.21 01.05.2007 no virus found
Authentium 4.93.8 12.30.2006 no virus found
Avast 4.7.892.0 12.30.2006 no virus found
AVG 386 01.05.2007 no virus found
BitDefender 7.2 01.06.2007 no virus found
CAT-QuickHeal 9.00 01.05.2007 no virus found
ClamAV devel-20060426 01.06.2007 no virus found
DrWeb 4.33 01.05.2007 no virus found
eSafe 7.0.14.0 01.05.2007 no virus found
eTrust-InoculateIT 23.73.107 01.06.2007 no virus found
eTrust-Vet 30.3.3306 01.06.2007 no virus found
Ewido 4.0 01.05.2007 no virus found
Fortinet 2.82.0.0 01.06.2007 no virus found
F-Prot 3.16f 01.05.2007 no virus found
F-Prot4 4.2.1.29 01.05.2007 no virus found
Ikarus T3.1.0.27 01.05.2007 no virus found
Kaspersky 4.0.2.24 01.06.2007 no virus found
McAfee 4933 01.05.2007 no virus found
Microsoft 1.1904 01.06.2007 no virus found
NOD32v2 1959 01.05.2007 no virus found
Norman 5.80.02 12.31.2007 no virus found
Panda 9.0.0.4 01.05.2007 no virus found
Prevx1 V2 01.06.2007 no virus found
Sophos 4.13.0 01.05.2007 no virus found
Sunbelt 2.2.907.0 01.05.2007 no virus found
TheHacker 6.0.3.143 01.05.2007 no virus found
UNA 1.83 01.04.2007 no virus found
VBA32 3.11.1 01.06.2007 no virus found
VirusBuster 4.3.19:9 01.05.2007 no virus found

Aditional Information
File size: 3690 bytes
MD5: a982a19d8c3dc8c6dfd305720ed19cd2
SHA1: 6e9916947e2d5d4c6f4d8929dcc9d503ce3ccd41
VirusTotal is a free service offered by Hispasec Sistemas.

___________xxxxxxxxxxxxxxxxxx_____________

My "F-Secure Blacklight"

My Scan with F-Secure Blacklight reflected 0 (zero) found.
 
Hmm I can't see anything wrong there...

Has this startup freeze happened more than once ?
Does the computer have any other issues at the moment ?
 
Puzzling

Probably 50% of the time I have to close a page or shut down by unplugging my computer.
Daily, I have freezing or lengthy delays. As I type this sentence, half will show up about 7-9 second later.

Question please.....
I am unfamiliar with AVG and wonder if there is a conflict with my configuration.
This was listed within a few seconds into my scan, so I decided to stop the scan. I did not want to delete any necessary files til I spoke with you.

AVG Virus Results
Object
c\Windows\System32\kernel32.dll
c\Windows\System32\wsock32.dll
c\Windows\System32\user32.dll
c\Windows\System32\shell32.dll
c\Windows\System32\ntoskml.exe
c\Windows\System32\drivers\etc\hosts
***The above was healed.

This was in my AVG Vault from my previous scan; I think the following was quarantined.

AVG Virus Vault
Trojan horse DownloaderAgent.GNR
Trojan horse Clicker.OA
Trojan horse Downloader.Generic.KWN
 
Still puzzled

Hi,
Sorry for my delay but I have been very ill and away from my computer for sometime.

The computer freezing up seems to be abated.
My problems with lengthy starting up and shutting down is less frequent than before but periodically still happens. When browsing, some pages start to come up then abruptly says error occured and must close down. I am unsure as to why because i have been to those sites before.. (cbsnews.com)

AVG full scan reflected nothing found.
I set up a new user and it operates like the other user accts having periodic slow startup or shut downs.

Once, upon startup, I received a message that it could not continue because I was ‘missing config’ :scratch: and I needed to reload from my original disks for a new system. I shut down, waited a few minutes, then started up again and all was fine. I have no idea what, where, and why that appeared.

Is there anyway I can check on & correct any registry and application errors that may be slowing down my system??

Last year I did receive faulty application errors about
faulty application iexplore.exe version 6.0.2900.2180
faulty application iexplore.exe version 6.0.2800.1106
faulty application firefox -----------------------
I don’t know if my AV & A-malware runs behind the other programs to slow things down or what.

Is smitfraud a legit program for my computer?

Thank you for your assistance.
 
Hi again :)

Sounds like something is corrupted. Maybe a repair installation or prehaps a complete reformat & reinstall will help. I can give you instructions if you want to try.

Of course this could be a physical problem too...In that case a reinstall won't help...

Let me know what you think :bigthumb:
 
Mr. Jak,

After you assisted me in cleaning my computer, all things were going well. The lengthy start up became worse after I did all my hardware & software driver updates, Firefox, Internet Explorer, and Windows update to 7, then JAVA, microsoft spy defender, AVG antispyware, Adobe, and Google, etc. updates.....:sad:

Maybe too much updates at one time. Then, my Java updates were wierdly incomplete and I had to delete the JAVA program 3 times and try to reinstall. This made all of my Notepad txt became weird symbols and apparently corrupted. Maybe some conflicts with certain configurations.
Somehow my updates were changed to automatic DL & install and were running constantly...... I changed the settings to let me know prior to installing them cause I want to be selective. I will never have them set to automatic again.....


I’ll keep pondering on a solution and I’ll let you know.
Thanks so kindly for your time and knowledge.
I may be away for a few, but I shall return.
Thanks,
Jay
 
Hi again :)

You could post a one more HijackThis log. After the updating the programs might have added themselves to the startup. We may disable those in order to improve the performance.

Have you defragged your harddrives ?
 
GREAT, I am almost clean

Mr Jak,
:bigthumb: I can get my computer to start now.
Although a few lil quirks remain, things are good with no freezing and a quicker start up.

I did a restore and then slowly did my updates.
I suspect the google Earth with updates caused a huge CPU overload.
I also fixed JAVA updates, (as per site there were problems and given a new update to fix).
I had some microsoft updates that were auto DL'ed & installed but didnt need cause didnt have the software that it went with, so i deleted.

I decided not to auto install updates..... ill do them weekly so i can notice if there are any conflicts.

Thanks for all you have done.......I appreciate your assistance.
Please continue your efforts to rid viruses & malware.

Jay-Escalader

***Here is my HJT log.....Let me know if any problems to correct.
___________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 8:12:40 PM, on 1/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTMSG.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Owner\Desktop\Hijack This\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bellsouth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (disabled by BHODemon)
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll (disabled by BHODemon)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [BellSouthSyn] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Synchronize
O4 - HKLM\..\Run: [BellSouthScheduler] C:\Program Files\BellSouth\Application Center\BsnAppCenter.exe /Scheduler
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Copy Location - C:\WINDOWS\WEB\graburl.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll__BHODemonDisabled (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {DECDBEEF-D3AD-B3EF-DE4D-B3EFDEADB3EF} - C:\Program Files\BellSouth\Communications Suite\BstMessenger.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://usmilitary.about.com
O15 - Trusted Zone: http://www.arng.army.mil
O15 - Trusted Zone: http://www.la.ngb.army.mil
O15 - Trusted Zone: http://www.armyonesource.com
O15 - Trusted Zone: http://home.bellsouth.net
O15 - Trusted Zone: http://www.juno.com
O15 - Trusted Zone: www.militaryonesource.com
O15 - Trusted Zone: http://vil.nai.com
O15 - Trusted Zone: http://*.subratam.org
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://support.fastaccess.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.3.1.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162326797656
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4329/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
 
Hi :)

Nice to hear that the things are running now, HjT looks clean :)

You may fix these unnecessary startups if you want:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

:bigthumb:
 
Things are better....Thanks

Mr Jak,
:crowned: Thank you, thank you, & thank you.
Unsure if I mentioned, but my 2 disk drives (floppy & CD) mysteriously returned. ;)

-------Your suggestion to fix the 2 unnecessary startups, helped everything run faster.

-------I also did another AVG Anti-Spyware; found & fixed 4 med risk items.

-------Which cleanup programs can I delete now, since things are fixed? Do I just transfer to recycle bin?

Things are really great. Thanks for everything.....
You are so kind & generous to share your knowledge to assist others.:angel:
Thanks,
J-escalader
 
Hi :)

Nice to hear. You may remove all the small tools like WinPFind by just deleting the folder/file.

AVG AntiSpyware and ATF-cleaner are tools that are worth keeping in my opinion :bigthumb:
 
Thanks, My computer has recovered from the bugs

Mr. Jak,
:cool: Thanks a bunch for your assistance and patience til my computer got all cleaned to run quicker and free of bugs. Hopefully, i wont be needing your expertise in the near future.
:bow: Much Gratitude,
J-escalader
 
That's great news and you're very welcome :D:

Here is also some speed up hints -> Link

As the problem appears to be resolved this topic has been archived.

If you need it re-opened please send a private message (pm) to a forum staff member and provide a link to the thread; this applies only to the original topic starter.

Glad we could help :2thumb:
 
You must log in or register to reply here.
Back
Top