1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

hijack this log - laptop freeze

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by hotspurhenry, Dec 29, 2006.

  1. hotspurhenry

    hotspurhenry Techie7 New Member

    this is the results from hijack this !

    My PC keeps freezing every min or second - plus sometimes the clock changes and if i restart it corrects itself- CTRL ALT and Delete will not work as well as the touchpad until freezing stops

    I have a FJS P7010 only 2 years old and the hard drive is 15 % used i have a 80GB hard drive and i am only using 10gb of this !

    I have also noticed that start up is slow and it freezes sometimes after start up straight away -

    Plus settings keep changing after start up

    i have checked the following

    memory installed correctly and Air clean the Laptop

    Logfile of HijackThis v1.99.1
    Scan saved at 15:18:01, on 29/12/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
    C:\PROGRA~1\RETROS~1\RETROS~1.1\RetroExpress.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\PROGRA~1\RETROS~1\RETROS~1.1\retrospect.exe
    C:\PROGRA~1\RETROS~1\RETROS~1.1\retrorun.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! UK & Ireland
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [EPSON PictureMate] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE /P17 "EPSON PictureMate" /O6 "USB001" /M "PictureMate"
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
    O4 - HKLM\..\Run: [RetroExpress] C:\PROGRA~1\RETROS~1\RETROS~1.1\RetroExpress.exe /h
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: CA License Client (CA_LIC_CLNT) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe (file missing)
    O23 - Service: GhostStartService - Unknown owner - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe (file missing)
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
    O23 - Service: PestPatrol Remote - Unknown owner - C:\Program Files\Common Files\pestpatrol\ppRemoteService.exe (file missing)
    O23 - Service: Retrospect Express HD Helper (RetroExp Helper) - EMC Dantz - C:\PROGRA~1\RETROS~1\RETROS~1.1\rthlpsvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C:\PROGRA~1\RETROS~1\RETROS~1.1\retrorun.exe
     
  2. Neal

    Neal Dedicated Member

    This may not be fixable if your computer is freezeing every minute or so because we need to do scans that last much longer than that.


    Hijackthis does not show any thing malicious.

    But we will try.

    It looks like your main anti-virus is mcafee but I see remnants of symantec also. Did you have symantec at one time and how did you uninstall? What version did you have?



    Please download ATF Cleaner by Atribune to desktop.
    http://www.atribune.org/public-beta/ATF-Cleaner.exe

    Double-click ATF-Cleaner.exe to run the program.

    If you would like to keep your cookies don't check that item

    * Under Main "Select Files to Delete" choose: Select All.
    * Click the Empty Selected button.
    * If you use Firefox browser click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    * If you use Opera browser click Opera at the top and choose: Select All
    * Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main menu to close the program.



    Get The Stinger here:
    http://vil.nai.com/vil/stinger/

    Download and install and run the scan and if anything is found please post the results.



    Open Hijackthis.

    Click the "Open the Misc Tools" section Button.

    Click the "Open Uninstall Manager" Button.

    Click the "Save list..." Button.

    Save it to your desktop. Copy and paste the contents into your reply.



    Please go to hijackthis.exe and right click on it and then click on rename and rename it to foolyou.exe, press enter
    and post a new log from the newly renamed hijackthis.exe. Sometimes malware hides from hijackthis.exe.
     
  3. hotspurhenry

    hotspurhenry Techie7 New Member

    these are the results

    nothing detected on the stinger

    Ad-Aware SE Personal
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Flash Player 9 ActiveX
    Adobe Reader 6.0
    Agere Systems AC'97 Modem
    Apple Software Update
    AVG Free Edition
    AviSynth 2.5
    CA eTrust PestPatrol Anti-Spyware Corporate Edition
    Canon CanoScan Toolbox 4.1
    CCleaner (remove only)
    Clear Cache feature for Internet Explorer
    DivX
    DivX Converter
    DivX Player
    DivX Web Player
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    EasyRecovery DataRecovery Trial
    EPSON CardMonitor
    EPSON Photo!4 Ver1.92
    EPSON PhotoQuicker3.5
    EPSON PhotoStarter3.1
    EPSON PRINT Image Framer Tool2.1
    EPSON Printer Software
    ffdshow
    Fujitsu Hotkey Utility
    Google Toolbar for Internet Explorer
    HijackThis 1.99.1
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    ImageMixer
    Intel(R) Extreme Graphics 2 Driver
    InterVideo WinDVD
    iPod for Windows 2005-02-07
    iPod for Windows 2005-09-23
    iPod for Windows 2005-11-17
    iPod for Windows 2006-01-10
    iPod for Windows 2006-03-23
    iTunes
    J2SE Runtime Environment 5.0 Update 3
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    K-Lite Codec Pack 2.72 Full
    LimeWire PRO 4.12.6
    LiveUpdate 1.80 (Symantec Corporation)
    Maxtor OneTouch III
    McAfee Anti-Spyware Enterprise Module
    McAfee VirusScan Enterprise
    Memory Stick Formatter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Outlook 2002
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MovieShaker 3.1 for MICROMV
    mpegable Player
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    NAVIGON MobileNavigator|4
    Norton Ghost
    PcBugDoctor 1,0,0,3
    PIF DESIGNER2.1
    PM Reference Guide
    PM Software Guide
    PowerDVD
    QuickTime
    RealPlayer
    RealProducer Basic 8.5
    Retrospect Express HD 1.1
    ScanToWeb
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB926255)
    Sony Ericsson PC Suite
    SP2 Connection Patcher
    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1
    SpywareGuard v2.2
    Synaptics Pointing Device Driver
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    VideoLAN VLC media player 0.8.2
    Videora TiVo Converter 0.80
    Winamp (remove only)
    Windows Defender Signatures
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893086
    WinRAR archiver
    WinZip
    x264 Revision 531 x264.nl (remove only)



    not usre how to do this is this the folder?? or inside the hijack folder

    Please go to hijackthis.exe and right click on it and then click on rename and rename it to foolyou.exe, press enter
    and post a new log from the newly renamed hijackthis.exe. Sometimes malware hides from hijackthis.exe.
     
  4. Neal

    Neal Dedicated Member

    Inside the folder "hijackthis.exe"


    Look at all this stuff here, way to much protection and possibly the cause of your problems.



    AVG Free Edition-excellent
    CA eTrust PestPatrol Anti-Spyware Corporate Edition
    LiveUpdate 1.80 (Symantec Corporation)
    McAfee Anti-Spyware Enterprise Module
    McAfee VirusScan Enterprise
    Norton Ghost
    PcBugDoctor 1,0,0,3- is this a leagal copy?

    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1 - these four go good together
    SpywareGuard v2.2
    Ad-Aware SE Personal

    Windows Defender Signatures


    You need to clean this up before we go any further as this could be the cause of your problems, you need one anti-virus program and one firewall and possibly the four I mentioned above I have those four as well.

    Free firewalls:eek:nly one

    4. Consider using a free firewall if you are not already using one. Some good free ones are:
    Kerio
    http://www.sunbelt-software.com/Kerio.cfm

    Zone Labs Personal Firewall:
    Zone Labs
     
  5. hotspurhenry

    hotspurhenry Techie7 New Member

    how do i go about completely deleting them from my system as i cvan unistall but they always seem to be there
     
  6. Neal

    Neal Dedicated Member

    For norton:

    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039


    Then for others:

    1. Start HijackThis
    2. Click on the Config button
    3. Click on the Misc Tools button
    4. Click on the Open Uninstall Manager button.

    Click on:

    CA eTrust PestPatrol Anti-Spyware Corporate Edition-or which ever one you want to start with or keep,remember one anti virus one firewall and the four I mentioned will protect you about as could as you can get without having to pay for it.


    Click on Delete this entry

    Reboot your computer.


    Do the rest same way, norton tool above should take care of all norton products.
     
  7. hotspurhenry

    hotspurhenry Techie7 New Member

    hi

    i have deleted the mcaffee ent and virus aloso CA norton

    i have also renamed hijack.exe to foolyou.exe

    and here are the results

    Ad-Aware SE Personal
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Flash Player 9 ActiveX
    Adobe Reader 6.0
    Agere Systems AC'97 Modem
    Apple Software Update
    AVG Free Edition
    AviSynth 2.5
    CCleaner (remove only)
    Clear Cache feature for Internet Explorer
    DivX
    DivX Converter
    DivX Player
    DivX Web Player
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    EasyRecovery DataRecovery Trial
    EPSON CardMonitor
    EPSON Photo!4 Ver1.92
    EPSON PhotoQuicker3.5
    EPSON PhotoStarter3.1
    EPSON PRINT Image Framer Tool2.1
    EPSON Printer Software
    ffdshow
    Fujitsu Hotkey Utility
    Google Toolbar for Internet Explorer
    HijackThis 1.99.1
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    ImageMixer
    Intel(R) Extreme Graphics 2 Driver
    InterVideo WinDVD
    iPod for Windows 2005-02-07
    iPod for Windows 2005-09-23
    iPod for Windows 2005-11-17
    iPod for Windows 2006-01-10
    iPod for Windows 2006-03-23
    iTunes
    J2SE Runtime Environment 5.0 Update 3
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    K-Lite Codec Pack 2.72 Full
    LimeWire PRO 4.12.6
    Maxtor OneTouch III
    Memory Stick Formatter
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft ActiveSync 3.7
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Outlook 2002
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MovieShaker 3.1 for MICROMV
    mpegable Player
    MSXML 4.0 SP2 (KB925672)
    MSXML 4.0 SP2 (KB927978)
    PIF DESIGNER2.1
    PM Reference Guide
    PM Software Guide
    PowerDVD
    QuickTime
    RealPlayer
    RealProducer Basic 8.5
    Retrospect Express HD 1.1
    ScanToWeb
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB883939)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899588)
    Security Update for Windows XP (KB899589)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB903235)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB905915)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB908531)
    Security Update for Windows XP (KB911280)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911567)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912812)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913446)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB916281)
    Security Update for Windows XP (KB917159)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB918899)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920214)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922760)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB926255)
    Sony Ericsson PC Suite
    SP2 Connection Patcher
    Spybot - Search & Destroy 1.4
    SpywareBlaster v3.5.1
    SpywareGuard v2.2
    Synaptics Pointing Device Driver
    Update for Windows XP (KB894391)
    Update for Windows XP (KB896727)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    VideoLAN VLC media player 0.8.2
    Videora TiVo Converter 0.80
    Winamp (remove only)
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows XP Hotfix - KB834707
    Windows XP Hotfix - KB867282
    Windows XP Hotfix - KB873333
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890047
    Windows XP Hotfix - KB890175
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB890923
    Windows XP Hotfix - KB891781
    Windows XP Hotfix - KB893086
    WinRAR archiver
    WinZip
    x264 Revision 531 x264.nl (remove only)
    ZoneAlarm



    i still have mcaffe on the toolbar - would it be easier for you to look at it remotely?? - it is still freezing by the way
     
  8. hotspurhenry

    hotspurhenry Techie7 New Member

    do you also know what i should do with this?

    it is a scan from adaware it has one critical object

    shall i delete it??


    Ad-Aware SE Build 1.06r1
    Logfile Created on:31 December 2006 00:37:17
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R141 27.12.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):8 total references
    Windows(TAC index:3):1 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects


    31-12-2006 00:37:17 - Scan started. (Full System Scan)

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\Administrator\recent
    Description : list of recently opened documents


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X


    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\internet explorer\typedurls
    Description : list of recently entered addresses in microsoft internet explorer


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension


    MRU List Object Recognized!
    Location: : S-1-5-21-2362326571-4031214640-1903209245-500\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened


    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 764
    ThreadCreationTime : 30-12-2006 23:55:40
    BasePriority : Normal


    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 816
    ThreadCreationTime : 30-12-2006 23:55:42
    BasePriority : Normal


    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 840
    ThreadCreationTime : 30-12-2006 23:55:42
    BasePriority : High


    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 884
    ThreadCreationTime : 30-12-2006 23:55:42
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 896
    ThreadCreationTime : 30-12-2006 23:55:42
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1056
    ThreadCreationTime : 30-12-2006 23:55:43
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1100
    ThreadCreationTime : 30-12-2006 23:55:43
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1240
    ThreadCreationTime : 30-12-2006 23:55:43
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1368
    ThreadCreationTime : 30-12-2006 23:55:44
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1596
    ThreadCreationTime : 30-12-2006 23:55:44
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [vsmon.exe]
    FilePath : C:\WINDOWS\system32\ZoneLabs\
    ProcessID : 1608
    ThreadCreationTime : 30-12-2006 23:55:44
    BasePriority : Normal
    FileVersion : 6.5.737.000
    ProductVersion : 6.5.737.000
    ProductName : TrueVector Service
    CompanyName : Zone Labs, LLC
    FileDescription : TrueVector Service
    InternalName : vsmon
    LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
    OriginalFilename : vsmon.exe

    #:12 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 656
    ThreadCreationTime : 30-12-2006 23:55:50
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:13 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1748
    ThreadCreationTime : 30-12-2006 23:55:55
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : EXPLORER.EXE

    #:14 [ltmoh.exe]
    FilePath : C:\Program Files\ltmoh\
    ProcessID : 1952
    ThreadCreationTime : 30-12-2006 23:55:58
    BasePriority : Normal
    FileVersion : 1.73
    ProductVersion : 1.73
    ProductName : LtMoh Application
    CompanyName : Agere Systems
    FileDescription : LtMoh MFC Application
    InternalName : LtMoh
    LegalCopyright : Agere Copyright © 2001-2004
    LegalTrademarks : Agere Systens
    OriginalFilename : LtMoh.EXE

    #:15 [igfxtray.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1960
    ThreadCreationTime : 30-12-2006 23:55:59
    BasePriority : Normal
    FileVersion : 3.0.0.2285
    ProductVersion : 7.0.0.2285
    ProductName : Intel(R) Common User Interface
    CompanyName : Intel Corporation
    FileDescription : igfxTray Module
    InternalName : IGFXTRAY
    LegalCopyright : Copyright 1999-2003, Intel Corporation
    OriginalFilename : IGFXTRAY.EXE

    #:16 [hkcmd.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1968
    ThreadCreationTime : 30-12-2006 23:55:59
    BasePriority : Normal
    FileVersion : 3.0.0.2285
    ProductVersion : 7.0.0.2285
    ProductName : Intel(R) Common User Interface
    CompanyName : Intel Corporation
    FileDescription : hkcmd Module
    InternalName : HKCMD
    LegalCopyright : Copyright 1999-2003, Intel Corporation
    OriginalFilename : HKCMD.EXE

    #:17 [syntplpr.exe]
    FilePath : C:\Program Files\Synaptics\SynTP\
    ProcessID : 1640
    ThreadCreationTime : 30-12-2006 23:55:59
    BasePriority : Normal
    FileVersion : 7.10.10 07May04
    ProductVersion : 7.10.10 07May04
    ProductName : Progressive Touch
    CompanyName : Synaptics, Inc.
    FileDescription : TouchPad Driver Helper Application
    InternalName : SynTPLpr
    LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2004
    OriginalFilename : SynTPLpr.exe

    #:18 [syntpenh.exe]
    FilePath : C:\Program Files\Synaptics\SynTP\
    ProcessID : 228
    ThreadCreationTime : 30-12-2006 23:56:00
    BasePriority : Normal
    FileVersion : 7.10.10 07May04
    ProductVersion : 7.10.10 07May04
    ProductName : Progressive Touch
    CompanyName : Synaptics, Inc.
    FileDescription : Synaptics TouchPad Enhancements
    InternalName : Scrolleroo
    LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2004
    OriginalFilename : SynTPEnh.exe

    #:19 [e_s4i0p1.exe]
    FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
    ProcessID : 248
    ThreadCreationTime : 30-12-2006 23:56:00
    BasePriority : Normal
    FileVersion : 3.00
    ProductVersion : 3.00
    ProductName : EPSON Status Monitor 3
    CompanyName : SEIKO EPSON CORPORATION
    FileDescription : EPSON Status Monitor 3
    InternalName : E_S4I0P1
    LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2003
    OriginalFilename : E_S4I0P1.EXE

    #:20 [avgamsvr.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
    ProcessID : 268
    ThreadCreationTime : 30-12-2006 23:56:00
    BasePriority : Normal
    FileVersion : 7.5.0.420
    ProductVersion : 7.5.0.420
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Alert Manager
    InternalName : avgamsvr
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : avgamsvr.EXE

    #:21 [updaterui.exe]
    FilePath : C:\Program Files\Network Associates\Common Framework\
    ProcessID : 276
    ThreadCreationTime : 30-12-2006 23:56:00
    BasePriority : Normal
    FileVersion : 3.5.0.412
    ProductName : McAfee Common Framework
    CompanyName : Network Associates, Inc.
    FileDescription : Common User Interface
    InternalName : UpdaterUI
    LegalCopyright : Copyright© 2000-2004 Networks Associates Technology, Inc. All Rights Reserved.
    OriginalFilename : UpdaterUI.exe

    #:22 [avgupsvc.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
    ProcessID : 372
    ThreadCreationTime : 30-12-2006 23:56:01
    BasePriority : Normal
    FileVersion : 7.5.0.420
    ProductVersion : 7.5.0.420
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Update Service
    InternalName : avgupsvc
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : avgupdsvc.EXE

    #:23 [onetouch.exe]
    FilePath : C:\Program Files\Maxtor\OneTouch\utils\
    ProcessID : 496
    ThreadCreationTime : 30-12-2006 23:56:01
    BasePriority : Normal
    FileVersion : 4, 0, 4, 0
    ProductVersion : 4, 0, 4, 0
    ProductName : Maxtor OneTouch II
    CompanyName : Maxtor Corporation
    FileDescription : Maxtor OneTouch Detection
    InternalName : OneTouch
    LegalCopyright : Copyright © 2004-2006
    OriginalFilename : OneTouch.EXE

    #:24 [frameworkservice.exe]
    FilePath : C:\Program Files\Network Associates\Common Framework\
    ProcessID : 564
    ThreadCreationTime : 30-12-2006 23:56:01
    BasePriority : Normal
    FileVersion : 3.5.0.412
    ProductName : McAfee Common Framework
    CompanyName : Network Associates, Inc.
    FileDescription : Framework Service
    InternalName : Framework
    LegalCopyright : Copyright© 2000-2004 Networks Associates Technology, Inc. All Rights Reserved.
    OriginalFilename : Framework.exe

    #:25 [retroexpress.exe]
    FilePath : C:\PROGRA~1\RETROS~1\RETROS~1.1\
    ProcessID : 796
    ThreadCreationTime : 30-12-2006 23:56:01
    BasePriority : Normal


    #:26 [mcshield.exe]
    FilePath : C:\Program Files\Network Associates\VirusScan\
    ProcessID : 1032
    ThreadCreationTime : 30-12-2006 23:56:01
    BasePriority : High


    #:27 [jusched.exe]
    FilePath : C:\Program Files\Java\jre1.5.0_09\bin\
    ProcessID : 1136
    ThreadCreationTime : 30-12-2006 23:56:02
    BasePriority : Normal


    #:28 [realsched.exe]
    FilePath : C:\Program Files\Common Files\Real\Update_OB\
    ProcessID : 1176
    ThreadCreationTime : 30-12-2006 23:56:02
    BasePriority : Normal
    FileVersion : 0.1.0.3510
    ProductVersion : 0.1.0.3510
    ProductName : RealPlayer (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : realsched.exe

    #:29 [shstat.exe]
    FilePath : C:\Program Files\Network Associates\VirusScan\
    ProcessID : 1316
    ThreadCreationTime : 30-12-2006 23:56:02
    BasePriority : Normal


    #:30 [avgcc.exe]
    FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
    ProcessID : 1388
    ThreadCreationTime : 30-12-2006 23:56:03
    BasePriority : Normal
    FileVersion : 7.5.0.418
    ProductVersion : 7.5.0.418
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Control Center
    InternalName : AvgCC
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : AvgCC.EXE

    #:31 [qttask.exe]
    FilePath : C:\Program Files\QuickTime\
    ProcessID : 1428
    ThreadCreationTime : 30-12-2006 23:56:03
    BasePriority : Normal
    FileVersion : 7.1.3
    ProductVersion : QuickTime 7.1.3
    ProductName : QuickTime
    CompanyName : Apple Computer, Inc.
    FileDescription : QuickTime Task
    InternalName : QuickTime Task
    LegalCopyright : Copyright Apple Computer, Inc. 1989-2006
    OriginalFilename : QTTask.exe

    #:32 [zlclient.exe]
    FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
    ProcessID : 1360
    ThreadCreationTime : 30-12-2006 23:56:04
    BasePriority : Normal
    FileVersion : 6.5.737.000
    ProductVersion : 6.5.737.000
    ProductName : Zone Labs Client
    CompanyName : Zone Labs, LLC
    FileDescription : Zone Labs Client
    InternalName : zlclient
    LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
    OriginalFilename : zlclient.exe

    #:33 [msmsgs.exe]
    FilePath : C:\Program Files\Messenger\
    ProcessID : 1484
    ThreadCreationTime : 30-12-2006 23:56:05
    BasePriority : Normal
    FileVersion : 4.7.3001
    ProductVersion : Version 4.7.3001
    ProductName : Messenger
    CompanyName : Microsoft Corporation
    FileDescription : Windows Messenger
    InternalName : msmsgs
    LegalCopyright : Copyright (c) Microsoft Corporation 2004
    LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : msmsgs.exe

    #:34 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1504
    ThreadCreationTime : 30-12-2006 23:56:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:35 [wcescomm.exe]
    FilePath : C:\Program Files\Microsoft ActiveSync\
    ProcessID : 1568
    ThreadCreationTime : 30-12-2006 23:56:06
    BasePriority : Normal
    FileVersion : 3.7.1.4034
    ProductVersion : 3.7.4034
    ProductName : Microsoft ActiveSync
    CompanyName : Microsoft Corporation
    FileDescription : ActiveSync Connection Manager
    InternalName : wcescomm
    LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
    LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
    OriginalFilename : WCESCOMM.EXE

    #:36 [teatimer.exe]
    FilePath : C:\Program Files\Spybot - Search & Destroy\
    ProcessID : 1512
    ThreadCreationTime : 30-12-2006 23:56:07
    BasePriority : Idle
    FileVersion : 1, 4, 0, 2
    ProductVersion : 1, 4, 0, 3
    ProductName : Spybot - Search & Destroy
    CompanyName : Safer Networking Limited
    FileDescription : System settings protector
    InternalName : TeaTimer
    LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
    LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
    OriginalFilename : TeaTimer.exe
    Comments : Schützt Systemeinstellungen vor ungewollten Änderungen.

    #:37 [sgmain.exe]
    FilePath : C:\Program Files\SpywareGuard\
    ProcessID : 1680
    ThreadCreationTime : 30-12-2006 23:56:08
    BasePriority : Normal
    FileVersion : 2.02.0001
    ProductVersion : 2.02.0001
    ProductName : SpywareGuard
    FileDescription : SpywareGuard
    InternalName : sgmain
    LegalCopyright : Copyright (C) 2002-2003 Javacool Software LLC
    OriginalFilename : sgmain.exe
    Comments : SpywareGuard

    #:38 [vstskmgr.exe]
    FilePath : C:\Program Files\Network Associates\VirusScan\
    ProcessID : 1812
    ThreadCreationTime : 30-12-2006 23:56:10
    BasePriority : Normal


    #:39 [naprdmgr.exe]
    FilePath : C:\PROGRA~1\NETWOR~1\COMMON~1\
    ProcessID : 1876
    ThreadCreationTime : 30-12-2006 23:56:12
    BasePriority : Normal
    FileVersion : 3.5.0.412
    ProductName : McAfee Common Framework
    CompanyName : Network Associates, Inc.
    FileDescription : NAI Product Manager
    InternalName : Product Manager
    LegalCopyright : Copyright© 2000-2004 Networks Associates Technology, Inc. All Rights Reserved.
    OriginalFilename : naPrdMgr.exe

    #:40 [sgbhp.exe]
    FilePath : C:\Program Files\SpywareGuard\
    ProcessID : 2064
    ThreadCreationTime : 30-12-2006 23:56:13
    BasePriority : Normal
    FileVersion : 2.02.0001
    ProductVersion : 2.02.0001
    ProductName : SG Browser Hijacking Protection
    FileDescription : SG Browser Hijacking Protection
    InternalName : sgbhp
    LegalCopyright : Copyright (C) 2002-2003 Javacool Software LLC.
    OriginalFilename : sgbhp.exe
    Comments : SG Browser Hijacking Protection

    #:41 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
    ProcessID : 2084
    ThreadCreationTime : 30-12-2006 23:56:13
    BasePriority : Normal
    FileVersion : 7.00.9466
    ProductVersion : 7.00.9466
    ProductName : Microsoft® Visual Studio .NET
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : mdm.exe

    #:42 [wmiapsrv.exe]
    FilePath : C:\WINDOWS\system32\wbem\
    ProcessID : 3664
    ThreadCreationTime : 30-12-2006 23:57:47
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : WMI Performance Adapter Service
    InternalName : WmiApSrv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WmiApSrv.exe

    #:43 [wscntfy.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 3680
    ThreadCreationTime : 30-12-2006 23:57:47
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Security Center Notification App
    InternalName : wscntfy.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : wscntfy.exe

    #:44 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 132
    ThreadCreationTime : 30-12-2006 23:57:51
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:45 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ProcessID : 2744
    ThreadCreationTime : 30-12-2006 23:59:00
    BasePriority : Normal
    FileVersion : 7.00.5730.11 (winmain(wmbla).061017-1135)
    ProductVersion : 7.00.5730.11
    ProductName : Windows® Internet Explorer
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : IEXPLORE.EXE

    #:46 [googletoolbarnotifier.exe]
    FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\
    ProcessID : 3736
    ThreadCreationTime : 30-12-2006 23:59:05
    BasePriority : Normal
    FileVersion : 1, 2, 908, 5008
    ProductVersion : 1, 2, 908, 5008
    ProductName : GoogleToolbarNotifier
    CompanyName : Google Inc.
    FileDescription : GoogleToolbarNotifier
    LegalCopyright : Copyright © 2005-2006
    OriginalFilename : GoogleToolbarNotifier.exe

    #:47 [retrospect.exe]
    FilePath : C:\PROGRA~1\RETROS~1\RETROS~1.1\
    ProcessID : 1344
    ThreadCreationTime : 31-12-2006 00:28:22
    BasePriority : Normal
    FileVersion : 1.1.127
    ProductVersion : 1.1
    ProductName : Retrospect Express HD
    CompanyName : EMC Dantz
    FileDescription : Retrospect Express HD
    InternalName :
    LegalCopyright : Copyright 1989-2005 EMC Corporation
    LegalTrademarks : EMC Dantz® Retrospect®
    OriginalFilename : retrospect.exe

    #:48 [retrorun.exe]
    FilePath : C:\PROGRA~1\RETROS~1\RETROS~1.1\
    ProcessID : 3212
    ThreadCreationTime : 31-12-2006 00:28:24
    BasePriority : Normal
    FileVersion : 1.1.127
    ProductVersion : 1.1
    ProductName : Retrospect Express HD
    CompanyName : EMC Dantz
    FileDescription : Retrospect Express HD
    InternalName :
    LegalCopyright : Copyright 1989-2005 EMC Corporation
    LegalTrademarks : EMC Dantz® Retrospect®
    OriginalFilename : retrorun.exe

    #:49 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 3408
    ThreadCreationTime : 31-12-2006 00:36:43
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 8


    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Windows Object Recognized!
    Type : RegData
    Data :
    TAC Rating : 3
    Category : Vulnerability
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : regfile\shell\open\command
    Value :
    Data :

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 1
    Objects found so far: 9


    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 9


    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 9



    Deep scanning and examining files (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 9


    Deep scanning and examining files (D:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for D:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 9


    Scanning Hosts file......
    Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 9




    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 9

    00:58:52 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:21:35.189
    Objects scanned:163594
    Objects identified:1
    Objects ignored:0
    New critical objects:1
     
  9. Neal

    Neal Dedicated Member

    Yes delete or quarantine object probably a tracking cookie.


    Go here for mcafee uninstaller tool:

    http://ts.mcafeehelp.com/?siteID=1&resolution=1152x864


    Do you have windows media player 11 installed twice? It shows up in add/remove program twice.

    Freezeing could be a number of things even not related to virus etc.


    Try this:Different from AVG free, it is a trial version and easy to uninstall. Quarantine everything it finds.



    INSTRUCTIONS FOR USING AVG ANTI-SPYWARE in "NORMAL MODE"

    Download and scan with AVG Anti-Spyware
    1. After download, double click on the file to launch the install process.
    2. Choose a language, click "OK" and then click "Next".
    3. Read the "License Agreement" and click "I Agree".
    4. Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
    5. After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
    6. The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
    7. Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".
    8. Go to Start > Run and type: services.msc

    * Press "OK".
    * Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
    * When you find the guard service, double-click on it.
    * In the Properties Window > General Tab that opens, click the "Stop" button.
    * From the drop-down menu next to "Startup Type", click on "Manual".
    * Now click "Apply", then "OK" and close the Services window.

    9. Select the "Update" button and click "Start update". Wait until you see the "Update succesfull message". If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from HERE .

    Once the updates are installed do the following:
    1. Click on the "Scanner" button and choose the "Settings" tab.

    * Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
    * Under "How to Scan?" check all (default).
    * Under "Possibly unwanted software" check all (default).
    * Under "What to Scan?" make sure "Scan every file" is selected (default).
    * Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

    2. Click the "Scan" tab to return to scanning options.
    3. Click "Complete System Scan" to start.
    4. When the scan has finished you will be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.

    IMPORTANT! Do not save the report before you have clicked the "Apply all actions button". If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button?

    5. Click on "Save Report" to view all completed scans. Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
    6. Exit AVG Anti-Spyware when done and submit the log report in your next response.

    Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

    Please post a new hijackthis log also. Thanks.
     
  10. hotspurhenry

    hotspurhenry Techie7 New Member

    Hi Neal

    I have completed the avg antivirus scan no threats found at all !

    with regards the windows media one was win media 11 and the other was win media format

    i have also removed the mcaffe as well thanks

    still the freezing exists though!
     
  11. Neal

    Neal Dedicated Member

    It looks like you are clean of malware now and computer is properly protected from malware, now I think you should go over to the XPHelp section and see if those guys can help you. We only do virus etc here, those guys are very good at what they do.

    Here:

    http://www.d-a-l.com/help/index.php

    Good luck.