Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

newlandman

6 Posts

10505

November 23rd, 2005 14:00

My Computer Folder Slow To Load/Device Manager Page Blank

I have a Dim 4700 With Xp Home running.When I try to open My Computer A Search Flashlight appears for about 3 mins before the folder opens.Also the device manager page is blank but all hardware is functioning OK.I've tried system restore,no go,and ihave tried setting plug and play in component services to automatioc still no go. Does any one have any suggestions please
Thank you

Augie65

818 Posts

November 23rd, 2005 15:00

For the search problem, try this:
Click Start, Run and type this command:

regsvr32 /i shell32.dll
If that doesn't help, see this Microsoft Support.

For the Device Manager not displaying, can you see it from safe mode? If not, the only thing I could suggest is to run the system file checker to restore any corrupt files. To run System File Checker:

Click on Start then Run. In the Run box, type sfc /scannow and then OK.
Note: space between c and /
You may be asked for your Windows CD, if asked insert it

If you can see it from safe mode. You might have a virus or a application conflict.

Message Edited by Augie65 on 11-23-2005 11:53 AM

dlunsford

2 Posts

November 23rd, 2005 16:00

I have been having this same problem since yesterday.  Have you found a resolution?!

newlandman

6 Posts

November 23rd, 2005 16:00


@dlunsford wrote:
I have been having this same problem since yesterday. Have you found a resolution?!





No I have not found a solution yet but will post when I do

Augie65

818 Posts

November 23rd, 2005 20:00

If you haven't found a fix yet, you might try this one. It is a fix for spyware from Apropos which is causing this problem. Aproposfix.exe. Aproposfix.exe must be run in safe mode! Save it to your desktop but do NOT run it yet. Restart and tap F8 and select safe mode.
Once in Safe Mode, double-click aproposfix.exe.
This will create a new folder on your desktop called aproposfix.
Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

It is important that this has to be performed in safe mode, because in Normal mode, windows doesn't see the files, so they can't be deleted as well.

Reboot back to normal mode.

dlunsford

2 Posts

November 23rd, 2005 22:00

I just did this and all my issues have been resolved.  Thank you SO much!!!!!  :smileywink:

Augie65

818 Posts

November 24th, 2005 00:00

You are very welcome, glad to be of help.

newlandman

6 Posts

November 24th, 2005 00:00

Thank you very much the fix worked great
Newlandman out

sskamin

29 Posts

November 25th, 2005 18:00

I have also been having this problem since Wednesday with my Dimension 4300.  How about the drop down list of destinations when you save a document?  That was also very slow.  And did either of you also have problems with the address bar in Internet Explorer?  It takes 30 sec to go to a page if I type the URL in the form www.xxx.com, but goes right to it if I just type "xxx" (whatever it may be) and hit CTRL-ENTER, or if I included the http:// prefix.  Weird.

I'm going to try the fixes in this thread--was it the apropos virus fix that did the trick?

Steve Kamin

sskamin

29 Posts

November 25th, 2005 19:00

Yes, it worked for me too, corrected all the problems I mentioned.  I didn't think it would work because when I ran Run this, I got an error message, but then it went along and did its thing.  It did request that I post a log and a Hijackthis log afterwards, which I haven't done (shame on me) but it seems to be working OK now. Hope it continues.

newlandman

6 Posts

November 25th, 2005 19:00

The apropos fix cured my problem totally
Make sure to follow the directions exactly
Good Luck
Newlandman Out

sskamin

29 Posts

November 25th, 2005 20:00

For what it's worth, here is my Hijack this log after running aproposfix:
 
Logfile of HijackThis v1.99.1
Scan saved at 4:43:03 PM, on 11/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\iissrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Stephen\My Documents\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=6.1&bm=ho_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cgi.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=6.1&bm=ho_home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UB Class - {00000000-15D9-4736-AB29-131578A45F2B} - C:\WINDOWS\system32\wsrchc3.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D714A94F-123A-45CC-8F03-040BCAF82AD6} - C:\WINDOWS\Downloaded Program Files\SbCIe028.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: Amplify - {FA6D230B-173A-49D1-ABFA-34392994EC7A} - C:\Program Files\Amplify\AmplifyToolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O3 - Toolbar: Net Snippets - {67970B26-F57D-4455-8262-81C3AE3B8B5E} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRA~1\PANICW~1\POP-UP~1\dpps2.exe"
O4 - HKLM\..\Run: [QuickTime Update Completion 1] "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeUpdateHelper.exe"              -destfullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeEssentials.qtx" -sourcefullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeEssentials.qtx.new00"  -atboottime "QuickTime Update Completion 1"
O4 - HKLM\..\Run: [QuickTime Update Completion 2] "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeUpdateHelper.exe"              -destfullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreaming.qtx" -sourcefullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreaming.qtx.new00"  -atboottime "QuickTime Update Completion 2"
O4 - HKLM\..\Run: [QuickTime Update Completion 3] "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeUpdateHelper.exe"              -destfullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeWebHelper.qtx" -sourcefullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeWebHelper.qtx.new00"  -atboottime "QuickTime Update Completion 3"
O4 - HKLM\..\Run: [QuickTime Update Completion 4] "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeUpdateHelper.exe"              -destfullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeInternetExtras.qtx" -sourcefullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeInternetExtras.qtx.new00"  -atboottime "QuickTime Update Completion 4"
O4 - HKLM\..\Run: [QuickTime Update Completion 5] "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeUpdateHelper.exe"              -destfullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreamingExtras.qtx" -sourcefullpath "C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreamingExtras.qtx.new00"  -atboottime "QuickTime Update Completion 5"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [wxdxoda] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [mpcsrv] C:\WINDOWS\system32\mpcsrv.exe
O4 - HKLM\..\Run: [iissrv] C:\WINDOWS\iissrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE
O4 - Global Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &FastSeeker Search - res://C:\Program Files\FastSeeker\FastSeekerToolbar011203.dll/cmsearch.html
O8 - Extra context menu item: A&dd To Amp - res://C:\Program Files\Amplify\resources.dll/contextmenuaddto.html
O8 - Extra context menu item: Add to Net Snippets - C:\PROGRA~1\NETSNI~1\Res\Clipper.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: SideStep - {3E230861-5C87-11D3-A1C6-00105A1B41B8} - C:\WINDOWS\Downloaded Program Files\SbCIe028.dll
O9 - Extra button: Snippets - {7130DF06-BBC1-4e16-83D4-1F875E65B695} - C:\PROGRA~1\NETSNI~1\NetSnip.dll
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} - http://207.188.7.150/03f26ccd4b853d796516/netzip/RdxIE.cab
O16 - DPF: {38F5F92F-BD40-40DF-A569-6C1FCB638190} (InSPECS3_0 Control) - http://www.powerleap.com/cab_files/InSPECS3_0.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020323/qtinstall.info.apple.com/qt505/us/win/QuickTimeInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/02324ebfa809966c4018/netzip/RdxIE601.cab
O16 - DPF: {63849D57-928A-492B-A4E0-8E76F70F3E54} (XSigner Class) - http://www2.umdnj.edu/~ppsarapp/XSigner.cab
O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab
O16 - DPF: {776706AE-CACA-4EA3-93DF-BB83D9259DA9} (MailConfigure Class) - http://supportservices.msn.com/us/smtptool/MailCfg.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://ziniobeta.earthc.net/images.zinio.com/reader/isetup.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr_ext.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15016/CTPID.cab
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - (no file)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GBPoll - Roxio, Inc. - C:\Program Files\Roxio\GoBack\GBPoll.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 

sskamin

29 Posts

November 25th, 2005 20:00

Oh,yes, and the log geLog of AproposFix v1
 
************
 
Running from directory: 
C:\Documents and Settings\Stephen\My Documents\aproposfix
 
************
 
Registry entries found:
 
[HKEY_LOCAL_MACHINE\Software\C1ThoAC7ZWt9]
@="jC3Aiw5IJJIJJKJ49w4.4BIJJIYLJsejZksoJAGAB 4POJz90D 9AJ4yz2zC47KAGA"
"Device"=" \\\\.\\mramgmt"
"DriverPath"="C:\\WINDOWS\\system32\\drivers\\mcdkdump.sys"
"DriverName"="NulsMan"
"HideUninstallerName"="C:\\Program Files\\Hewgital\\clbsswch.exe"
"HDll"="C:\\WINDOWS\\system32\\ir3d3d8.dll"
"ServerAddress"="adchannel.contextplus.net"
"LegalNote"=" http://adchannel.contextplus.net/legal-note/nonbranded.html"
"PartnerId"="WB.OLD"
"InstallationId"="{Hc9a694e-3a6e-669c-af63-bd4c8601b7ff}"
"PageFiltering"=dword:00000001
"ClientName"="C:\\Program Files\\Hewgital\\imgctres.exe"
"AutoUpdater"="C:\\WINDOWS\\system32\\icfintui.exe"
"Version"="2.0.128"
"CrMnTmt"=dword:0036ee80
 
************
 
Removing hidden service:
Service NulsMan removed.
 
Removing hidden folder:
Deletion of folder Hewgital succeeded!
 
Deleting files:
 
Deletion of file C:\WINDOWS\system32\drivers\mcdkdump.sys succeeded!
Deletion of file C:\WINDOWS\system32\icfintui.exe succeeded!
Deletion of file C:\WINDOWS\system32\ir3d3d8.dll succeeded!
 
Backing up files:
Done!
 
Removing registry entries:
 
REGEDIT4
 
[-HKEY_CURRENT_USER\Software\C1ThoAC7ZWt9]
[-HKEY_LOCAL_MACHINE\Software\C1ThoAC7ZWt9]
 
Done!
 
Finished!
nerated by aproposfix
 
 
thanks everyone for their help.
 
Steve Kamin

Was this post helpful?

View All

No Events found!

Top