I'm at my wits end

by **Lavina Molnar** » Tue Sep 25, 2007 2:54 pm

Sigrid

It just shows my ignorance of computer terminology!! Think I meant downloading, not installing!!
I'll see whether I can fathom out the business of posting a log file.
Dunno if AVG is self-protecting. I used Norton for donkey's years - when sub was due couple of years ago Duncan persuaded me to change to AVG that he uses and swears by.

Lavina

by **Lavina Molnar** » Wed Sep 26, 2007 1:18 pm

gpsmikey wrote:Yes, "Hijack This" this is one of my favorite tools, but you do have to be very
careful with it. People will simply check everything it finds without looking
at what they are doing (or bothering to do the research) and find themselves
virtually unbootable. If you follow the instructions AND look carefully at
what it is reporting, it is a very good tool. As Cherub says, post a copy of
the logfile if you run it and we'll see what we can find (there is also a group
you can post the logfile too that will analyze it for you -- it is in the instructions
on the web page).

mikey

Is this the "Hijack This" log that was suggested I post? I ran kaspersky too, which was suggested by Brenda and that showed some questionable items. Still needing advice, although computer is still running great. But if there is something untoward in there reckon I really need to get it fixed, yes?

Thanks
Lavina

Logfile of HijackThis v1.99.1
Scan saved at 21:51:28, on 26/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\BLUEYO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\webHancer\Programs\whagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\cadix\screen saver\cssCtrl.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Lavina\LOCALS~1\Temp\Temporary Directory 1 for hijackthis_199[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Workflow] D:\Workflow.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BLUEYO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\blueyonder-istconfig.exe
O4 - Global Startup: CADIX Screen Saver Control.lnk = C:\cadix\screen saver\cssCtrl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm006AXGB
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... 0.0.15.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com/install ... nstall.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

by **Sigrid** » Wed Sep 26, 2007 10:20 pm

Good morning Brenda,
sorry, and yes there are nasties on your PC.
And because your antivirus software did not warn you enough, you could well have a seriously compromised system. You can either try and fix these nasties one by one or you make a clean break.

by **Brenda** » Wed Sep 26, 2007 11:21 pm

Sigrid,

You mean Lavina.

Brenda

by **cherub** » Thu Sep 27, 2007 12:45 am

Lavina,
I took your log and ran it through the HijackThis site.
This is a picture of what I got: http://img231.imageshack.us/img231/8779 ... loguf5.png

Everything marked with a red X is problematic. Everything marked with ? should have an answer, and if you don't know it, then it's bad.

The site points out that you are not running a firewall. Why not Lavina? Not even the one provided by Windows ? If this is so, then this not good.

You said you are running AVG anti-virus, but your computer still runs the service of your old Norton Updater (Symantec). You should do a cleanup
of your computer of this. Such services take up your resources, and obviously they are not needed.

You have installed quite a few tool bars in your Internet Explorer. The majority of them are all bad, and in future you should refrain from installing
such things. Everything marked BHO is questionable, with the exception of Acrobat. I don't know if you were really interested in Google's tool-bar,
but some softwares do install it. You can always say no, if you pay attention.

If you do want to fix your computer, then do run Spybot Search & Destroy which was recommended to you before.

If you have Kaspersky, then by all means do as it says, because this is probably the best Anti-Virus there is.

Try using Firefox instead of Internet Explorer. Much safer, much nicer !

When you are done running and cleaning, please post your HijackThis log again here in this forum.

GOOD LUCK .

by **Lavina Molnar** » Thu Sep 27, 2007 3:47 am

Cherub

Thank you so much and for sending the Hijack report. I've had a look and I do have some serious problems - must get fixed.

I AM running a Firewall, the Windows one, and it, auto updates and virus protection are all ON.
I need to do some more housekeeping, and get shot of norton, toolbars (though don't quite know where they came from. I use Google for my web searching) and whatever....... Anyway I know I have a fair amount to attend to. Scares the life out of me, but I'll follow what you suggest. I'll hopefully report back later with a new log.

Thank you again.

Lavina

by **nannybear** » Thu Sep 27, 2007 6:43 am

Lavina I am so proud of you! You are learning so much and I admire you for getting in there and figuring things out. Hugs Jan

by **Lavina Molnar** » Thu Sep 27, 2007 7:43 am

Thanks Jan. Cuddles.
Lavina

by **nannybear** » Sat Sep 29, 2007 7:51 am

Logfile of HijackThis v1.99.1
This should be the newest version.
Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16512)
This should be the newest version.
C:\WINDOWS\System32\smss.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\winlogon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\services.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\lsass.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\spoolsv.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
Safe
Adobe Photoshop Elements
C:\WINDOWS\ehome\ehSched.exe
Neutral

C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Safe
Machine Debug Manager. Used by developers.
C:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe

Trend Micro Central Control Component
C:\Program Files\Photodex\Producer 1935 Vol\ScsiAccess.exe

Possibly nasty! According to our database this process runs normally in c:\programme\photodex\proshowgold\! Check if you know this process and arrange a viruscheck where required.
C:\WINDOWS\System32\PAStiSvc.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\Tablet.exe
Very safe

C:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe

Trend Micro Internet Security
C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe

Trend Micro Personal Firewall
C:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe

Trend Micro Internet Security
C:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe

TrendMicro PC Cillin Antivirus
C:\WINDOWS\Explorer.EXE
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\ehome\ehtray.exe
Safe

C:\windows\system\hpsysdrv.exe
Safe

C:\WINDOWS\ehome\ehmsas.exe
Neutral

C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

Hewlett-Packard Digital Imaging
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
Safe

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
Neutral

C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
Safe
Possibly nasty! According to our database this process runs normally in c:\programme\common files\logitech\qcdriver3\! Check if you know this process and arrange a viruscheck where required.
C:\WINDOWS\ALCXMNTR.EXE
Neutral This is a nasty process! You should fix it and try to delete it manually!
Realtek AC97 Audio - Event Monitor. Sypware file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but is being used by Realtek to gather data about customers.
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
Very safe Fuzzy Algorithmcheck (4.22 / 5.00), Safe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Neutral
Checks for updates for RealPlayer
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe

Possibly nasty! According to our database this process runs normally in c:\programme\hp dvd\umbrella\! Check if you know this process and arrange a viruscheck where required. Umbrella DVD Tray
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
Very safe

C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe

Part of Adobe Phothoshop
C:\HP\KBD\KBD.EXE
Safe This is a unknown process.
This entry was classified from our visitors as good.
C:\WINDOWS\system32\ctfmon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\rundll32.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
Very safe
Trend Micro AntiSpam
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\WTablet\TabUserW.exe
Very safe
Possibly nasty! According to our database this process runs normally in c:\programme\wacom\! Check if you know this process and arrange a viruscheck where required. This entry was classified from our visitors as good.
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
Nasty Fuzzy Algorithmcheck (3.29 / 5.00), Neutral
C:\WINDOWS\system32\wuauclt.exe
Neutral
Windows Update AutoUpdate Client
C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE

Possibly nasty! According to our database this process runs normally in c:\programme\netscape\netscape\! Check if you know this process and arrange a viruscheck where required. Netscape Browser
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\PROGRA~1\WINZIP\winzip32.exe
Safe

Z:\Hijackthis\HijackThis.exe
Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups! Tool, mit dem sie dieses Logfile erzeugt haben. Das Programm sollte so angelegt sein ! C:\Programme\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Very safe This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Safe This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-ca9.hpwis.com/
This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This page has been identified as safe.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Safe This page has been identified as safe.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
Safe This entry was classified from our visitors as good.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Neutral
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
This entry has been identified as safe.
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://my.netscape.com/index2.psp"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\t8su33nq.slt\prefs.js)
If you know the page, this entry does not need to be fixed. Safe in most cases. Unknown pages and Lop.Com entries should be fixed!
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_0 1.src"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\t8su33nq.slt\prefs.js)
If you know the page, this entry does not need to be fixed. Safe in most cases. Unknown pages and Lop.Com entries should be fixed!
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Neutral Ycomp*_*_*_*.dll - Yahoo Companion!, Yahoo Companion!
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Very safe AcroIEhelper.ocx, AcroIEhelper.dll - Adobe Acrobat reader, http://www.adobe.com/products/acrobat/re adstep2.html
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
Very safe wsbho2k0.dll - WS_FTP, http://www.ipswitch.com/Products/WS_FTP/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
Safe This entry was classified from our visitors as good.
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)

Unnecessary (deactivated) entry that can be fixed. Hptoolkt.dll, hpdtlk02.dll - HP Explore Toolbar
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
Neutral Ycomp*_*_*_*.dll - Yahoo Companion!, http://companion.yahoo.com/
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
Neutral eHome Media Center PC related - Needed for Media Center Remote Functions
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
Safe Hewlett-Packard
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
Part of Hewlett-Packard
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
Very safe Hewlett Packard Software
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
Safe Application that implements the Intel Hotkey command.
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
Safe Unknown application. This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
Card reader for memory cards from digital cameras, etc
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
HP Deskjet 3320
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
Lvcomm server. Related to Logitech Quick Cam - works fine without it but it is needed for the Logitech ImageStudio software to connect to the camera
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
Neutral Must be fixed! Realtek AC97 Audio - Event Monitor. "Sypware" file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but it is being used by Realtek to gather data about customers
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
Safe Fuzzy Algorithmcheck (4.18 / 5.00), Safe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
Neutral Part of RealPlayer
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
Safe
O4 - HKLM..Run: [PDF3 Registry Controller] "C:Program FilesScanSoftPDF Professional 3.0\RegistryController.exe"
Part of ScanSoft OmniPagePro PDF Converter
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
HP CD/DVD Tray icon
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
StorageGuard from Veritas (this version by Sonic). Free utility that integrates with Backup MyPC (formerly Backup Exec Desktop), Simple Backup and MS Backup. Provides system tray access and background monitoring - warning you of files that havent recently been backed up. Required unless you backup manually on a regular basis or have scheduled backups
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
Very safe PC-Cillin antivirus software
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
Not dangerous, but unnecessary. Part of Adobe's Photoshop Album or Photoshop Elements packages - starts each time you connect an external image device to your PC (see here)
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
Safe This entry was classified from our visitors as good.
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
Neutral HP Digital Imaging related. What does it do and is it required?
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
Neutral nView
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
Safe This entry was classified from our visitors as good.
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
Very safe Unknown application.
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
Very safe This entry was classified from our visitors as good.
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
Safe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
Very safe Wacom pen tablet driver
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
Nasty Fuzzy Algorithmcheck (3.29 / 5.00), Neutral
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
Safe To be fixed if not done intentionally. This entry was classified from our visitors as good.
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
The entry E&xport to Microsoft Excel has been identified as safe.
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
The entry Open with Scansoft PDF Converter 3.0 has been identified as safe.
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
Safe The entry has been identified as safe.
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
Very safe The entry Sun Java Console has been identified as safe.
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
The entry Messenger has been identified as safe.
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesca.dll
The entry Yahoo! Messenger has been identified as safe.
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
Safe To be fixed if the entry 'MUSICMATCH MX Web Player ' is unknown.
Unnecessary (deactivated) entry that can be fixed. Unknown buttons or entries in the 'Extras'-menu should be fixed.
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
Safe This entry was classified from our visitors as good.
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
Very safe This entry was classified from our visitors as good.
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Very safe The entry Messenger has been identified as safe.
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Neutral The entry Windows Messenger has been identified as safe.
O11 - Options group: [INTERNATIONAL] International*
Neutral
O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
Most of the entries present in this registry area are safe. Only OnFlow adds an unwanted plugins can be found here. OnFlow-Plugins have the following extension *.ofb.
O16 - DPF: TruePass EPF 7,0,100,730 - https://blrscr3.egs-seg.gc.ca/applets/e ... et-epf.cab
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
Safe This entry was classified from our visitors as good.
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechCo ... ontrol.cab
Very safe Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
Neutral Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
Safe This entry has been identified as safe.
O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab
Very safe Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... ent/wuweb_ site.cab?1108334142668
This entry has been identified as safe.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... t/muweb_si te.cab?1131219638671
This entry has been identified as safe.
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://photoshare.shaw.ca/files/ImageUploader4.cab
This entry has been identified as safe.
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.22.58.150/activex/AxisCamControl.cab
This entry has been identified as safe.
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
Safe This entry has been identified as safe.
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
Very safe This entry has been identified as safe.
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab
Safe Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
Safe This entry has been identified as safe. This entry was classified from our visitors as good.
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
Safe This entry was classified from our visitors as good.
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
Safe This entry was classified from our visitors as good.
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
Safe This service (Adobelmsvc.exe) was identified as a good one.
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
Safe This service (PhotoshopElementsFileAgent.exe) was identified as a good one.
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
Safe This service (IDriverT.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Safe This service (LSSrvc.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~4\PcCtlCom.exe
This service (PcCtlCom.exe) was identified as a good one.
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~4\PcScnSrv.exe
This service (PcScnSrv.exe) was identified as a good one.
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\Producer 1935 Vol\ScsiAccess.exe
This service (ScsiAccess.exe) was identified as a good one.
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
Safe This service (PAStiSvc.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
Safe This service (Tablet.exe) was identified as a good one.
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~4\Tmntsrv.exe
This service (Tmntsrv.exe) was identified as a good one.
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
This service (TmPfw.exe) was identified as a good one.
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~4\tmproxy.exe
This service (tmproxy.exe) was identified as a good one.
Short analysis
Use these tips at your own risk!

Â© 2004 - 2007 Mathias Mattner | Contact

by **nannybear** » Sat Sep 29, 2007 7:59 am

I am not having a problem per se, bu after reading this thread thought why not check it out. this is my computer:

Operating System System Model
Windows XP Media Center Edition Service Pack 2 (build 2600) HP Pavilion 061 DM164A-ABA M380N 0qz1114RE101YALE 10

Processor a Main Circuit Board b
3.00 gigahertz Intel Pentium 4
8 kilobyte primary memory cache
512 kilobyte secondary memory cache Board: ASUSTeK Computer INC. 'P4SD-LA' Rev 1.xx
Bus Clock: 200 megahertz
BIOS: American Megatrends Inc. 3.14 09/04/2003
Drives Memory Modules c,d
323.94 Gigabytes Usable Hard Drive Capacity
84.66 Gigabytes Hard Drive Free Space

HP DVD Writer 300n [CD-ROM drive]
HP DVD Writer 740e USB Device [CD-ROM drive]
JLMS XJ-HD166S [CD-ROM drive]
3.5" format removeable media [Floppy drive]

Generic STORAGE DEVICE USB Device [Hard drive] -- drive 6
Maxtor 6Y160P0 [Hard drive] (163.93 GB) -- drive 0, s/n Y429QPNE, rev YAR41BW0, SMART Status: Healthy
ST316002 3A USB Device [Hard drive] (160.04 GB) -- drive 5
USB CompactFlash USB Device [Hard drive] -- drive 1
USB MMC/SD USB Device [Hard drive] -- drive 3
USB MS/MS Pro USB Device [Hard drive] -- drive 4
USB SmartMedia USB Device [Hard drive] -- drive 2 2560 Megabytes Installed Memory

Slot 'DIMM0' has 256 MB (serial number SerNum0)
Slot 'DIMM1' has 1024 MB
Slot 'DIMM2' has 256 MB
Slot 'DIMM3' has 1024 MB
Local Drive Volumes

c: (NTFS on drive 0) 158.34 GB 55.00 GB free
d: (FAT32 on drive 0) 5.57 GB 974 MB free
z: (NTFS on drive 5) 160.03 GB 28.69 GB free
Network Drives
None detected
Users (mouse over user name for details) Printers
local user accounts last logon
Administrator 9/28/2007 9:15:20 PM (admin)
Mark Stephens 4/23/2007 2:55:23 PM (admin)
local system accounts
ASPNET never
Guest 6/29/2007 2:51:10 PM
HelpAssistant 10/28/2006 8:37:43 PM
SUPPORT_388945a0 never
SUPPORT_fddfa904 never

DISABLED Marks a disabled account; LOCKED OUT Marks a locked account

Brother QL-550 on USB002
DocuCom PDF Driver on DocuCom PDF Port:
hp deskjet 5550 series on USB001
HP Deskjet 9800 Series on USB003
Microsoft Shared Fax Driver on SHRFAX:
ScanSoft PDF Create! on DocuCom PDF Port:
Controllers Display
Standard floppy disk controller
Intel(R) 82801EB Ultra ATA Storage Controllers
Primary IDE Channel [Controller]
Secondary IDE Channel [Controller] NVIDIA GeForce FX 5200 [Display adapter]
Samsung SyncMaster [Monitor] (19.1"vis, s/n HVEY821928, August 2005)
Bus Adapters Multimedia
Intel(R) 82801EB USB Universal Host Controller - 24D2
Intel(R) 82801EB USB Universal Host Controller - 24D4
Intel(R) 82801EB USB Universal Host Controller - 24D7
Intel(R) 82801EB USB Universal Host Controller - 24DE
Standard Enhanced PCI to USB Host Controller Conexant 23880 Video Capture (Blackbird NTSC Dual-Input)
Conexant 2388x Crossbar Dual Input
Conexant 2388x MPEG Encoder (Dual-Input)
Conexant 2388x Tuner (Philips 1236 MK3)
Logitech Microphone (Pro 3000)
Realtek AC'97 Audio
TASCAM US-122
US-122 WDM Interface
USB Audio Device

by **gpsmikey** » Sat Sep 29, 2007 9:24 am

I think most of that is OK, it is interesting to note they had a problem with
"programme" vs "program" eh ?

For some reason, also, there seemed
to be an issue with things down a DOS style path instead of the windows
style (funny shortened names with a ~ in them). Hijack this is a very powerful
tool for seeing what sorts of things are running, but as I have commented
earlier, if you are not careful and just blindly check things and say "fix it" you
can find yourself unbootable in the worst case. Usually what I do when I
run it on my system is take any flagged as "suspicious" in some form or
another and do some more snooping with Google etc to see if I can find
any more information on that file. The Wacom one they flagged is in the
same location on my machine so I would not worry about that.

The best thing you can do is run behind a router to help block incomming stuff,
make sure your A/V is up to date, do NOT just blindly install "stuff" (AKA crap)
that various utilities want to install (like helper toolbars etc) unless you really
need them and set your internet security settings so that any active X or script
that wants to run prompts you first (sometimes I get tired of clicking "OK" on
stuff from Digital Juice for example - but then I remember the effort required
to get rid of stuff that installs if you aren't careful

)

mikey

by **nannybear** » Sat Sep 29, 2007 9:27 am

Thanks a bunch. I spent last night and this morning "cleaning" so I can spend the rest of the weekend on graphic stuff. Needed to make sure I had lots of room to play........hugs Jan

by **gpsmikey** » Sat Sep 29, 2007 9:39 am

nannybear wrote:Thanks a bunch. I spent last night and this morning "cleaning" so I can spend the rest of the weekend on graphic stuff. Needed to make sure I had lots of room to play........hugs Jan

heh -- just add another drive !! (or a bigger one). Currently, I have 1,650 gigs of
hard drive space in my main machine online (yes, that's 1.65 terabytes !! ). Of
course, one of those is a 500 gig in a removable cage (off a secondary IDE controller).

As my sig says ....

mikey

by **entanik** » Sun Sep 30, 2007 6:05 am

Hi all;

I use PC Guide for most of my PC related questions and problems. There are a number of helpful PC experts, is tightly controlled for spam and nonsense, and newbies are welcome without flames. It has a sub-forum for PC security.

http://www.pcguide.com/vb/

I'm at my wits end

Ran Hi Jack and this is what I found, now what??

This what I am running

Who is online