Slos scanspeed

Hi

Start msconfig, >startup tab and re-enable everything that is disabled(unchecked), click apply close msconfig and restart the pc, post a new hijackthis log.
 
hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 5:50:04 PM, on 3/24/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SCHEDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\AVGCTRL.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\HIJACK THIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by Cox High Speed Internet
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [errorkiller] "C:\Program Files\errorkiller\errorkiller.exe" -boot
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [AuthConsoleStart] c:\program files\cox\applications\app\AuthStart.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\Run: [avgctrl] "C:\Program Files\AntiVir PersonalEdition Classic\avgctrl.exe" /min
O4 - HKLM\..\RunServices: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [CurtainsSysSvc] c:\program files\cox\applications\app\AuthSL.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [schedm] "C:\Program Files\AntiVir PersonalEdition Classic\schedm.exe"
O4 - HKCU\..\Run: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Startup: Shortcut to SPOOL32.EXE.lnk = C:\WINDOWS\SYSTEM\SPOOL32.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra button: Dell Home - {63D9F689-FA15-4ECF-91BC-C4D0734E14EA} - http://www.dellnet.com (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
 
You have both antivir and cox's antivirus installed ?

Start Hijackthis and place a check next to these items If there.
O4 - HKLM\..\Run: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\RunServices: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe
O4 - HKCU\..\Run: [windesktop] C:\WINDOWS\SYSTEM\windesktop.exe

Whats this >
O4 - Startup: Shortcut to SPOOL32.EXE.lnk = C:\WINDOWS\SYSTEM\SPOOL32.EXE
If you dont know fix it also
====================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Replace the Hosts file
http://www.mvps.org/winhelp2002/hosts.htm
How To Download and Extract the HOSTS file:
http://www.mvps.org/winhelp2002/hosts2.htm
Replace it about once monthly to keep it updated


Now try disabling system restore , restart the pc and re-enable again.
 
Still have some issues

O4 - Startup: Shortcut to SPOOL32.EXE.lnk =
:\WINDOWS\SYSTEM\SPOOL32.EXE

This was a remedy per the microsoft website, because my printer wouldn't work. I kept getting Spool32 error messages.

I have antivir and cox's antivirus installed, because as mentioned previously, since beginning repairs cox security suite hasn't been loading. I get an error message about repairing the installation. But I can't navigate the web page to reinstall it because it is just blank. I get error message about java scripts. I have run through the process to enable, but they are already enabled. I checked the java site and it says that all is installed and working properly.

Also, I still am not able to navigate through the C: drive via my computer. The C:\ window loads blank. Can navigate only by right click my computer, left click explore and the selecting the specific file in the left hand drop down lists only.

What would this be caused by?
 
Hows system restore now ?

SPOOL32.EXE.lnk, thanks for the information.

Replace your Hosts file, it was probaly edited by the infection.
http://www.mvps.org/winhelp2002/hosts.htm
How To Download and Extract the HOSTS file:
http://www.mvps.org/winhelp2002/hosts2.htm
Replace it about once monthly to keep it updated

Now see if you can get to coxs antivirus area, or any sites that were not previously accessable any luck ?

"Also, I still am not able to navigate through the C: drive via my computer. The C:\ window loads blank."
Try internet explorer's repair option (yes ie is part of explorer) in addremove programs start the uninstall of IE6 and choose repair

Im still unsure what version of SpyBot it is you have ?
 
Using Spybot 1.4

System restore is working fine now, thank you.

Already replaced the host file last night, but the problem still remains.
Other web pages that won't display that are critical to me:
http://webmail.aol.com/
http://www.hotmail.com

Replaced host again this morning, but no luck.

Control panel is one area that I can't open or navigate at all. Just a blank window whichever method I try.

I am using spybot 1.4
 
Try this
Copy the bolded line below
rundll32 setupwbv.dll,IE6Maintenance "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g "C:\WINDOWS\IE Uninstall Log.Txt"
then past it in the start run box and click ok
 
Remedy work for some

The command you gave fixed the navigation of my computer and the websites.

It didn't do anything for the spybot scan though. Same hang point. Any ideas?
 
Can you access windows control panel now ?

Lets try clearing all temps
Download System Security Suite.
http://www.igorshpak.net/
Extract it from the zip file and run setup.exe
after the install you can delete setup.exe and the downloaded zip file
Start the program Check all the boxes under the 'Items to Clear' (even cookies this time) tab and click "Clear Selected Items'. You will be prompted to reboot, do so.

Let us know if SSD's scan is back to normal
 
Control Panel is working

Window control panel is back up and working.

Followed instructions for System Security Suite, no change to Spybot. Uninstalled and reinstalled. Hang up point remains at about 5800 +/-
 
Lets get a look at a silent runners log
Download and run Silentrunners.Vbs post the log it creates please
http://www.silentrunners.org/sr_scriptuse.html click no to not skip the suplimentry searchs
Wait until there is a All Done message !!, Then open and post the log next to it.
Your antivirus script protection might interfear or alert, please allow it to run after a bit box will say done.


When you reinstalled SpyBot did you delete its folder before installing again ?
In windows addremove programs uninstall SpyBot then Restart the PC,
and delete SpyBots folder in program files,
usualy > C:\Program Files\Spybot - Search & Destroy
Then download and install 1.4 once thats done, check for updates, then check for problems, fix everything found, always reboot if SpyBots needs to, to finish the cleanup. http://www.safer-networking.org/index.php?page=tutorial
Download found here http://www.safer-networking.org/en/download/index.html
Click to expand...
 
Silent Runners.vbs error message

After I download and try to run silent runners, I get the following error message.

Can't find script engine"VBScript" for script.
"C:\WINDOWS\Desktop\Silentrunners.vbs"

I didn't delete any specific files. I just used Add/Remove Programs via Control Panel. Will try again in the mean time.
 
Silent Runners log

"Silent Runners.vbs", revision 44, http://www.silentrunners.org/
Operating System: Windows Me (Millennium Edition)
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ScanRegistry" = "C:\WINDOWS\scanregw.exe /autorun" [MS]
"TaskMonitor" = "C:\WINDOWS\taskmon.exe" [MS]
"SystemTray" = "SysTray.Exe" [MS]
"LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS]
"EM_EXEC" = "C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE" ["Logitech Inc. "]
"MotiveMonitor" = "C:\Program Files\Motive\motmon.exe" ["Motive Communications, Inc."]
"Adaptec DirectCD" = "C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE" ["Adaptec"]
"AuthConsoleStart" = "c:\program files\cox\applications\app\AuthStart.exe" ["Authentium, Inc."]
"avgctrl" = ""C:\Program Files\AntiVir PersonalEdition Classic\avgctrl.exe" /min" ["Avira GmbH"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ {++}
"LoadPowerProfile" = "Rundll32.exe powrprof.dll,LoadCurrentPwrScheme" [MS]
"SSDPSRV" = "C:\WINDOWS\SYSTEM\ssdpsrv.exe" [MS]
"*StateMgr" = "C:\WINDOWS\System\Restore\StateMgr.exe" [MS]
"CurtainsSysSvc" = "c:\program files\cox\applications\app\AuthSL.exe" ["Authentium, Inc."]
"StillImageMonitor" = "C:\WINDOWS\SYSTEM\STIMON.EXE" [MS]
"schedm" = ""C:\Program Files\AntiVir PersonalEdition Classic\schedm.exe"" ["Avira GmbH"]

HKLM\Software\Microsoft\Active Setup\Installed Components\
PerUser_CVT_Inis\(Default) = "Windows Setup - FAT32 Converter"
\StubPath = "rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll" ["Sun Microsystems, Inc."]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "Universal Plug and Play Devices"
-> {HKLM...CLSID} = "Universal Plug and Play Devices"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\UPNPUI.DLL" [MS]
"{23CE4E06-2508-11D0-1977-0734210ABE0B}" = "Incinerator"
-> {HKLM...CLSID} = "Incinerator"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\INCINE~1.DLL" ["iolo technologies, LLC"]
"{F408FBC3-47F7-11D3-B7B4-8756DD151C6A}" = "iolo Incinerator Context Menu"
-> {HKLM...CLSID} = "iolo Incinerator Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\Incinerator.dll" ["iolo technologies, LLC"]
"{58C83EE0-5261-11D3-81DC-D2AB3F16133C}" = "iolo Incinerator Context Menu"
-> {HKLM...CLSID} = "iolo Incinerator Context Menu for Files"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\Incinerator.dll" ["iolo technologies, LLC"]
"{80B24180-4EFB-11D3-A99A-00A024DDB436}" = "iolo Incinerator Properties"
-> {HKLM...CLSID} = "iolo Incinerator Properties Pages"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\Incinerator.dll" ["iolo technologies, LLC"]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
{58C83EE0-5261-11D3-81DC-D2AB3F16133C}\(Default) = "{58C83EE0-5261-11D3-81DC-D2AB3F16133C}"
-> {HKLM...CLSID} = "iolo Incinerator Context Menu for Files"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\Incinerator.dll" ["iolo technologies, LLC"]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY SECURITY SUITE\KASPERSKY ANTI-VIRUS PERSONAL\SHELLEX.DLL" [file not found]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SHLEXT.DLL" ["H+BEDV Datentechnik GmbH"]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
{58C83EE0-5261-11D3-81DC-D2AB3F16133C}\(Default) = "{58C83EE0-5261-11D3-81DC-D2AB3F16133C}"
-> {HKLM...CLSID} = "iolo Incinerator Context Menu for Files"
\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\Incinerator.dll" ["iolo technologies, LLC"]
WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\PROGRA~1\WINZIP\WZSHLSTB.DLL" ["WinZip Computing LP"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY SECURITY SUITE\KASPERSKY ANTI-VIRUS PERSONAL\SHELLEX.DLL" [file not found]
Shell Extension for Malware scanning\(Default) = "{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"
-> {HKLM...CLSID} = "Shell Extension for Malware scanning"
\InProcServer32\(Default) = "C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SHLEXT.DLL" ["H+BEDV Datentechnik GmbH"]


System Policies [Description]:
------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
HIJACK WARNING! "NoActiveDesktopChanges"=dword:00000001
[prevents changes to Active Desktop configuration; removes
Display Properties|Web (tab)]

HIJACK WARNING! "NoDispBackgroundPage"=dword:00000001
[removes Display Properties, Background (tab)]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is enabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\My Documents\My Pictures\arizona.bmp"


DESKTOP.INI DLL launch in local fixed drive directories:
--------------------------------------------------------

C:\INCINERATE\DESKTOP.INI
[.ShellClassInfo]
CLSID={23CE4E06-2508-11D0-1977-0734210ABE0B}
-> {HKLM...CLSID}\InProcServer32\(Default) = "C:\WINDOWS\SYSTEM\INCINE~1.DLL" ["iolo technologies, LLC"]


Startup items in "Startup" & "All Users...Startup" folders:
-----------------------------------------------------------

C:\WINDOWS\Start Menu\Programs\StartUp
"Shortcut to SPOOL32.EXE" -> shortcut to: "C:\WINDOWS\SYSTEM\SPOOL32.EXE" [MS]


Enabled Scheduled Tasks:
------------------------

"Tune-up Application Start" -> launches: "walign" [MS]
"PCHealth Scheduler for Data Collection" -> launches: "C:\WINDOWS\PCHEALTH\SUPPORT\PCHSCHD.EXE -c" [MS]
"Maintenance-ScanDisk" -> launches: "C:\WINDOWS\SCANDSKW.EXE /SAGERUN:0 /ALL /N" [MS]
"Maintenance-Defragment programs" -> launches: "C:\WINDOWS\DEFRAG.EXE /SAGERUN:0" [MS]
"Maintenance-Disk cleanup" -> launches: "C:\WINDOWS\CLEANMGR.EXE /SAGERUN:0" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "C:\WINDOWS\SYSTEM\rnr20.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
00000000000#\PackedCatalogItem (contains) DLL [Company Name], (at) # range:
C:\WINDOWS\SYSTEM\mswsosp.dll [MS], 1
C:\WINDOWS\SYSTEM\msafd.dll [MS], 2 - 4
C:\WINDOWS\SYSTEM\rsvpsp.dll [MS], 5 - 6


Toolbars, Explorer Bars, Extensions:
------------------------------------

Extensions (Tools menu items, main toolbar menu buttons)

HKCU\Software\Microsoft\Internet Explorer\Extensions\
{63D9F689-FA15-4ECF-91BC-C4D0734E14EA}\
"ButtonText" = "Dell Home"
"Exec" = "http://www.dellnet.com" [file not found]

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}"
-> {HKLM...CLSID} = "Java Plug-in"
\InProcServer32\(Default) = "C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL" ["Sun Microsystems, Inc."]


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
[Strings]: START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome"
[Strings]: MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome"

Missing lines (compared with English-language version):
[Strings]: 2 lines

HKLM\Software\Microsoft\Internet Explorer\AboutURLs\
HIJACK WARNING! "blank*" = "http://205.134.182.164/1/" [file not found]


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Lexmark Network Printer Monitor\Driver = "LEXLMPM.DLL" ["Lexmark International, Inc."]
Canon MP FAX Port\Driver = "CNCUPM9X.dll" ["Canon Inc."]
MpUsbMon\Driver = "MpUsbMon.dll" ["Conceptual Systems."]
Canon MP Language Monitor MP360/370/390\Driver = "MPPLM5I.DLL" ["CANON INC."]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 32 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 17 seconds.
---------- (total run time: 67 seconds)
 
Hows long does it hang at running bot check ? in other words it might just appear to hang
does it say not responding in the title bar ? or is it just slow as in your topic tile
I can help but think having more than one anti-virus installed or that system mechanic is involved.
Uninstall all but one anti virus program, even if one is manualy disabled it has other active files such as drivers that cannot be disabled and could cause conflicts with other programs..
When checking for problems are you letting it work without running other programs ?
 
It doesn't say "not responding" in the title bar. I continues to count but at the same rate as the my post.

I will usually terminate spybot after the counting has slowed for at least one hour.

I typically have only been running spybot is safemode.

I removed the cox security suite so only Antivir is installed, and I have uninstalled System Mechanic. What next?
 
Im not sure what to suggest, I have asked the others to look in.
Other than continue scanning while in safe mode since that seams to works for you.
 
Scanning in safe mode

I haven't been able to complete a single scan yet, even in safe mode. The hang point is the same in both safe and normal mode.
 
Worth a shot but might not help with the problems
Try reseting each zone in Internet explorer > security, Use the default button
If that Button is dimmed out click custom level > change something apply then ok, then use that default button, also Internet option's > advanced and click default settings button.

Also revisit windows update and get any crittical updates that are avaiable.
 
You must log in or register to reply here.
Back
Top