Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mouse clicks havoc in windows explorer and various internet browsers


  • Please log in to reply
4 replies to this topic

#1 PS31

PS31

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Location:Sydney Australia
  • Local time:04:11 AM

Posted 21 March 2010 - 01:21 AM

I have HP XW4400 machine, 64 bit with Windows 7. C-drive is active drive with operating system and programs. D-Drive is for data. I have image of these drives for 5th March 2010.

My right hand mouse click is not working as expected in windows explorer and in internet browsers of my choice. They are Firefox, Google and Internet Explorer.

The behavior is as follows.

Windows Explorer:
1. Double clicking on a folder or a drive to further explore it, does not do so. (Original Window)
2. As I highlight the drive or folder using tab key and hitting return on it does open the drive or folder. (1st Result Window)
3. Right clicking the mouse on the mouse in the results windows will throw me back to original results windows.

Internet Browser:
1. I can be on any web page (let us call it home page).
2. Click on any hyperlink, keeps me on the home page, i.e. does not take me to new page.
3. Right click on the hyper link and choosing "open in new window/tab" does open the required page.

What I have done so far:

1. Restored the image of C-drive.
2. Booted the machine for first time in normal mode.
3. Updated the Sophos AntiVirus.
4. Ran a scan - found nothing.
5. Rebooted the machine in safe mode.
6. Ran a scan - found the Java/DI-G virus in temp folder which was removed. Installed Adaware - ran scan - no malware. Ran CWSherder from trend micro - nothing found.
7. The behavior of right click of mouse does not improve.
8. Tried updating Windows defender; which gave me error.
9. As per Microsoft support website I ran windows 7 set up in upgrade mode.
10. Updated windows defender successfully.
11. Ran the full scan of defender, no malware/virus found.
12. Ran House call software from Trend Micro - no malware/virus found.
13. Updated Sophos once again, ran full scan - no malware/virus found.
14. Installed Adaware - ran scan - no malware
15. Ran CWSherder from trend micro - nothing found.

Now I am at stage where, it appears that my option will be to fresh install the Windows 7 and all other programs.


I submitt HiJackThis Log below:

-------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:07:07 PM, on 21/03/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Program Files (x86)\DynDNS Updater\DynTray.exe
C:\Windows\HPLiteSaver.exe
C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files (x86)\Portrait Displays\HP Display Assistant\dthtml.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\PDF Complete\pdfsty.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\WindowsMobile\WmdHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
L:\BleepingComputers\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Sophos Web Content Scanner - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [DT Task] "C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTHtml.exe" -startup_folder
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [Winsock2 driver] lsass32.exe
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~3.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [SpeedUpMyPC] "C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files (x86)\WinTV\Ir.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files (x86)\DynDNS Updater\DynTray.exe
O4 - Global Startup: HP Display LiteSaver Startup.lnk = C:\Windows\HPLiteSaver.exe
O4 - Global Startup: WinTV Recording Status..lnk = C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files (x86)\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {181BCAB2-C89B-4E4B-9E6B-59FA67A426B5} (Nsepa Control) - https://remoteaccess.apra.gov.au/epa/vista/nsepa.ocx
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://vmwareevents.webex.com/client/T26L/...ex/ieatgpc1.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECDB9AE4-AE45-4336-965A-7279A4DDB6E4}: NameServer = 216.146.35.35,216.146.36.36
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTSRVC.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SalesLogix Server (SalesLogix Server Service) - Sage Software, Inc. - C:\Program Files (x86)\SalesLogix\SLXServer.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: SalesLogix SpeedSearch (SlxSearch) - Sage Software, Inc. - C:\Program Files (x86)\SalesLogix\SpeedSearch\Bin\SLXSearchService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Windows Activation Technologies Service (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 21290 bytes

-------------------------------------------------------

CWShredder report below:

--------------------------------------------------------
**** Run Keys ****

RUN: []
RUN: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
RUN: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
RUN: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
RUN: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
RUN: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
RUN: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
RUN: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
RUN: [CPMonitor] "C:\Program Files (x86)\Roxio Creator 2009\5.0\CPMonitor.exe"
RUN: [DT Task] "C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTHtml.exe" -startup_folder
RUN: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
RUN: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
RUN: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"
RUN: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
RUN: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
RUN: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
RUN: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
RUN: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
RUN: [Winsock2 driver] lsass32.exe
RUN: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~3.EXE
RUN: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
RUN: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background


**** Browser Helper Objects ****

BHO: []
BHO: [HP Print Enhancer] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: [Adobe PDF Link Helper] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: [Skype add-on (mastermind)] C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: [Sophos Web Content Scanner] C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
BHO: [Sophos Web Content Scanner] C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll
BHO: [Search Helper] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: [Groove GFS Browser Helper] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: [Java™ Plug-In SSV Helper] C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: [Windows Live ID Sign-in Helper] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: [Google Toolbar Helper] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: [Adobe PDF Conversion Toolbar Helper] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: [Google Toolbar Notifier BHO] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
BHO: [Java™ Plug-In 2 SSV Helper] C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: [Windows Live Toolbar Helper] C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: [SmartSelect Class] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: [HP Smart BHO Class] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll


**** IE Toolbars ****

TOOLBAR: [&Windows Live Toolbar] C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TOOLBAR: [Google Toolbar] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TOOLBAR: [Adobe PDF] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll


**** IE Extensions ****

IEExt: [Blog This]
IEExt: [Send to OneNote]
IEExt: [@C:\Windows\WindowsMobile\INetRepl.dll,-222]
IEExt: [@C:\Windows\WindowsMobile\INetRepl.dll,-222]
IEExt: [@C:\Windows\WindowsMobile\INetRepl.dll,-222]
IEExt: [Skype]
IEExt: [Research]
IEExt: [Show or hide HP Smart Web Printing]


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: ::1 localhost
HOSTS: ::1 localhost


**** IE Settings ****

IEBypass: 127.0.0.1;localhost
Default Page: http://go.microsoft.com/fwlink/?LinkId=69157
Default Search: http://go.microsoft.com/fwlink/?LinkId=54896
Local Page: C:\Windows\system32\blank.htm
Search Bar: http://www.google.com/ie
Search Page: http://go.microsoft.com/fwlink/?LinkId=54896


**** IE Context Menu (Right click) ****

IEContext: [&Windows Live Search] res://C:\Program Files (x86)\Windows Live Toolbar\msntb.dll/search.htm
IEContext: [Append Link Target to Existing PDF] res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IEContext: [Append to Existing PDF] res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IEContext: [Convert Link Target to Adobe PDF] res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IEContext: [Convert to Adobe PDF] res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IEContext: [E&xport to Microsoft Excel] res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000


**** Layered Service Providers ****

LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: MSAFD Tcpip [TCP/IPv6]
LSP: MSAFD Tcpip [UDP/IPv6]
LSP: RSVP TCPv6 Service Provider
LSP: RSVP TCP Service Provider
LSP: RSVP UDPv6 Service Provider
LSP: RSVP UDP Service Provider


**** Blocked Control Panel Items ****



**** Downloaded Program Files ****

{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab] C:\Windows\System32\OGACheckControl.DLL
{0CCA191D-13A6-4E29-B746-314DEE697D83} [http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab] C:\Windows\System32\unicows.dll
{166B1BCA-3F9C-11CF-8075-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab]
{17492023-C23A-453E-A040-C7C580BBF700} [http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab]
{181BCAB2-C89B-4E4B-9E6B-59FA67A426B5} [https://remoteaccess.apra.gov.au/epa/vista/nsepa.ocx]
{1E54D648-B804-468d-BC78-4AFFED8E262F} [http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab]
{20A60F0D-9AFA-4515-A0FD-83BD84642501} [http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab]
{233C1507-6A77-46A4-9443-F871F945D258} [http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab]
{5D6F45B3-9043-443D-A792-115447494D24} [http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab]
{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} [http://www.systemrequirementslab.com/sysreqlab2.cab]
{73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab] C:\Program Files (x86)\HP\Common\iPAQInfo_2003.dll C:\Program Files (x86)\HP\Common\iPAQInfo_510.dll
{74DBCB52-F298-4110-951D-AD2FF67BC8AB} [http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab]
{8100D56A-5661-482C-BEE8-AFECE305D968} [http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab]
{B8BE5E93-A60C-4D26-A2DC-220313175592} [http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab]
{BD393C14-72AD-4790-A095-76522973D6B8} [http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab]
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} [http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab]
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab]
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab]
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab]
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab]
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [http://www.adobe.com/products/acrobat/nos/gp.cab]
{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [https://vmwareevents.webex.com/client/T26L/webex/ieatgpc1.cab]
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} [https://secure.gopetslive.com/dev/GoPetsWeb.cab]


**** Windows Services ****

[AcronisOSSReinstallSvc] "C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe"
[Adobe Version Cue CS4] "C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service
[AeLookupSvc] %systemroot%\system32\svchost.exe -k netsvcs
[ALG] %SystemRoot%\System32\alg.exe
[AppHostSvc] %windir%\system32\svchost.exe -k apphost
[AppIDSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[Appinfo] %SystemRoot%\system32\svchost.exe -k netsvcs
[Apple Mobile Device] "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
[AudioEndpointBuilder] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[AudioSrv] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[AxInstSV] %SystemRoot%\system32\svchost.exe -k AxInstSVGroup
[BDESVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[BFE] %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Bonjour Service] "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[bthserv] %SystemRoot%\system32\svchost.exe -k bthsvcs
[CertPropSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[clr_optimization_v2.0.50727_32] %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[clr_optimization_v2.0.50727_64] %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[COMSysApp] %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k NetworkService
[CscService] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[DcomLaunch] %SystemRoot%\system32\svchost.exe -k DcomLaunch
[defragsvc] %SystemRoot%\system32\svchost.exe -k defragsvc
[Dhcp] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService
[dot3svc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[DPS] %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
[DTSRVC] C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTSRVC.exe
[DynDNS Updater] C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe
[EapHost] %SystemRoot%\System32\svchost.exe -k netsvcs
[EFS] %SystemRoot%\System32\lsass.exe
[ehRecvr] %systemroot%\ehome\ehRecvr.exe
[ehSched] %systemroot%\ehome\ehsched.exe
[eventlog] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[EventSystem] %SystemRoot%\system32\svchost.exe -k LocalService
[Fax] %systemroot%\system32\fxssvc.exe
[fdPHost] %SystemRoot%\system32\svchost.exe -k LocalService
[FDResPub] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[FLEXnet Licensing Service] "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
[FLEXnet Licensing Service 64] "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
[FontCache] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[FontCache3.0.0.0] %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[fsssvc] "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
[gpsvc] %systemroot%\system32\svchost.exe -k netsvcs
[gupdate] "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
[gusvc] "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
[HauppaugeTVServer] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
[hidserv] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[hkmsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HomeGroupListener] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[HomeGroupProvider] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[IDriverT] "C:\Program Files (x86)\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
[idsvc] "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
[IKEEXT] %systemroot%\system32\svchost.exe -k netsvcs
[IPBusEnum] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[iphlpsvc] %SystemRoot%\System32\svchost.exe -k NetSvcs
[iPod Service] "C:\Program Files\iPod\bin\iPodService.exe"
[KeyIso] %SystemRoot%\system32\lsass.exe
[KtmRm] %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation
[LanmanServer] %SystemRoot%\system32\svchost.exe -k netsvcs
[LanmanWorkstation] %SystemRoot%\System32\svchost.exe -k NetworkService
[LightScribeService] "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
[lltdsvc] %SystemRoot%\System32\svchost.exe -k LocalService
[lmhosts] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[Mcx2Svc] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[MDM] "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
[Microsoft Office Groove Audit Service] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe"
[MMCSS] %SystemRoot%\system32\svchost.exe -k netsvcs
[MpsSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
[MSDTC] %SystemRoot%\System32\msdtc.exe
[MSiSCSI] %systemroot%\system32\svchost.exe -k netsvcs
[msiserver] %systemroot%\system32\msiexec.exe /V
[MSSQL$SALESLOGIX] "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSALESLOGIX
[MSSQL$SQLEXPRESS] "c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
[MSSQLServerADHelper] "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe"
[msvsmon90] "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe" /service msvsmon90
[napagent] %SystemRoot%\System32\svchost.exe -k NetworkService
[Netlogon] %systemroot%\system32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[NetMsmqActivator] "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" -NetMsmqActivator
[NetPipeActivator] "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[netprofm] %SystemRoot%\System32\svchost.exe -k LocalService
[NetTcpActivator] "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[NetTcpPortSharing] "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[NlaSvc] %SystemRoot%\System32\svchost.exe -k NetworkService
[nsi] %systemroot%\system32\svchost.exe -k LocalService
[odserv] "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
[ose] "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[p2pimsvc] %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet
[p2psvc] %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet
[PcaSvc] %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[pdfcDispatcher] C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService
[PeerDistSvc] %SystemRoot%\System32\svchost.exe -k PeerDist
[PerfHost] %SystemRoot%\SysWow64\perfhost.exe
[pla] %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork
[PlugPlay] %SystemRoot%\system32\svchost.exe -k DcomLaunch
[PNRPAutoReg] %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet
[PNRPsvc] %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet
[PolicyAgent] %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted
[Power] %SystemRoot%\system32\svchost.exe -k DcomLaunch
[ProfSvc] %systemroot%\system32\svchost.exe -k netsvcs
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[QWAVE] %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[ReflectService] "C:\Program Files\Macrium\Reflect\ReflectService.exe"
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k regsvc
[Roxio UPnP Renderer 11] "C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe"
[Roxio Upnp Server 11] "C:\Program Files (x86)\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe"
[RoxLiveShare11] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe"
[RoxMediaDB11] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe"
[RoxMediaDB9] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
[RoxWatch11] "C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe"
[RpcEptMapper] %SystemRoot%\system32\svchost.exe -k RPCSS
[RpcLocator] %SystemRoot%\system32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost.exe -k rpcss
[SalesLogix Server Service] "C:\Program Files (x86)\SalesLogix\SLXServer.exe"
[SamSs] %SystemRoot%\system32\lsass.exe
[SAVAdminService] "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe"
[SAVService] "C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe"
[SCardSvr] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[Schedule] %systemroot%\system32\svchost.exe -k netsvcs
[SCPolicySvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[SDRSVC] %SystemRoot%\system32\svchost.exe -k SDRSVC
[SeaPort] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
[seclogon] %windir%\system32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SensrSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[SessionEnv] %SystemRoot%\System32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[SlxSearch] "C:\Program Files (x86)\SalesLogix\SpeedSearch\Bin\SLXSearchService.exe"
[SNMPTRAP] %SystemRoot%\System32\snmptrap.exe
[Sophos AutoUpdate Service] "C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe"
[Spooler] %SystemRoot%\System32\spoolsv.exe
[sppsvc] %SystemRoot%\system32\sppsvc.exe
[sppuinotify] %SystemRoot%\system32\svchost.exe -k LocalService
[SQLBrowser] "C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
[SQLWriter] "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
[SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[SstpSvc] %SystemRoot%\system32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc
[stllssvr] "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe"
[StorSvc] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[swprv] %SystemRoot%\System32\svchost.exe -k swprv
[SysMain] %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[TabletInputService] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[TapiSrv] %SystemRoot%\System32\svchost.exe -k NetworkService
[TBS] %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation
[TermService] %SystemRoot%\System32\svchost.exe -k NetworkService
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[THREADORDER] %SystemRoot%\system32\svchost.exe -k LocalService
[TrkWks] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[TrustedInstaller] %SystemRoot%\servicing\TrustedInstaller.exe
[ufad-ws60] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xml
[UI0Detect] %SystemRoot%\system32\UI0Detect.exe
[UmRdpService] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[upnphost] %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation
[UxSms] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[VaultSvc] %SystemRoot%\system32\lsass.exe
[vds] %SystemRoot%\System32\vds.exe
[VMAuthdService] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe"
[VMUSBArbService] C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
[VSS] %systemroot%\system32\vssvc.exe
[W32Time] %SystemRoot%\system32\svchost.exe -k LocalService
[W3SVC] %windir%\system32\svchost.exe -k iissvcs
[WAS] %windir%\system32\svchost.exe -k iissvcs
[WatAdminSvc] C:\Windows\system32\Wat\WatAdminSvc.exe
[wbengine] "%systemroot%\system32\wbengine.exe"
[WbioSrvc] %SystemRoot%\system32\svchost.exe -k WbioSvcGroup
[wcncsvc] %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation
[WcsPlugInService] %SystemRoot%\system32\svchost.exe -k wcssvc
[WdiServiceHost] %SystemRoot%\System32\svchost.exe -k LocalService
[WdiSystemHost] %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted
[WebClient] %SystemRoot%\system32\svchost.exe -k LocalService
[Wecsvc] %SystemRoot%\system32\svchost.exe -k NetworkService
[wercplsupport] %SystemRoot%\System32\svchost.exe -k netsvcs
[WerSvc] %SystemRoot%\System32\svchost.exe -k WerSvcGroup
[WinDefend] %SystemRoot%\System32\svchost.exe -k secsvcs
[WinHttpAutoProxySvc] %SystemRoot%\system32\svchost.exe -k LocalService
[Winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WinRM] %SystemRoot%\System32\svchost.exe -k NetworkService
[Wlansvc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[wlidsvc] "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
[wmiApSrv] %systemroot%\system32\wbem\WmiApSrv.exe
[WMPNetworkSvc] "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"
[WPCSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted
[WPDBusEnum] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[wscsvc] %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted
[WSearch] %systemroot%\system32\SearchIndexer.exe /Embedding
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[wudfsvc] %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted
[WwanSvc] %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork
[RapiMgr] %SystemRoot%\system32\svchost.exe -k WindowsMobile
[WcesComm] %SystemRoot%\system32\svchost.exe -k WindowsMobile


**** Custom IE Search Items ****



**** Complete IE Options ****

IEOPT: [AlwaysShowMenus]
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [CompatibilityFlags]
IEOPT: [ControlTooltipCount]
IEOPT: [Disable Script Debugger] no
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Enable Browser Extensions] yes
IEOPT: [FullScreen] no
IEOPT: [IE8RunOnceLastShown]
IEOPT: [IE8RunOnceLastShown_TIMESTAMP]
IEOPT: [IE8TourShown]
IEOPT: [IE8TourShownTime]
IEOPT: [LastCheckedHi]
IEOPT: [Local Page] C:\Windows\system32\blank.htm
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [NoUpdateCheck]
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [RunOnceComplete]
IEOPT: [RunOnceHasShown]
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Search Bar] http://www.google.com/ie
IEOPT: [Search Page] http://go.microsoft.com/fwlink/?LinkId=54896
IEOPT: [SearchMigrated]
IEOPT: [SearchMigratedDefaultName] Google
IEOPT: [SearchMigratedDefaultURL] http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IEOPT: [SearchMigratedInstalled]
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://go.microsoft.com/fwlink/?LinkId=69157
IEOPT: [Start Page Redirect Cache] http://ninemsn.com.au/?ocid=iehp
IEOPT: [Start Page Redirect Cache AcceptLangs] en-au
IEOPT: [Start Page Redirect Cache_TIMESTAMP]
IEOPT: [StartPageCache]
IEOPT: [StatusBarOther]
IEOPT: [TabShutdownDelay]
IEOPT: [Use FormSuggest] no
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [UseClearType] no
IEOPT: [Window_Placement] ,
IEOPT: [XMLHTTP]
IEOPT: [AutoHide] yes
IEOPT: [Security Risk Page] about:SecurityRisk
IEOPT: [Extensions Off Page] about:NoAdd-ons
IEOPT: [Default_Search_URL] http://go.microsoft.com/fwlink/?LinkId=54896
IEOPT: [Default_Page_URL] http://go.microsoft.com/fwlink/?LinkId=69157
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Default_Secondary_Page_URL]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Start Page] http://go.microsoft.com/fwlink/?LinkId=69157
IEOPT: [Local Page] C:\Windows\SysWOW64\blank.htm
IEOPT: [Search Page] http://go.microsoft.com/fwlink/?LinkId=54896
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Enable_Disk_Cache] yes

--------------------------------------------------------

Any advice to resolve this situation will be much appreciated.


Thank you in advance.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:11 PM

Posted 21 March 2010 - 08:18 AM

Id replace your mouse.

#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:10:11 AM

Posted 21 March 2010 - 02:17 PM

Please let us know if you wish this topic moved to the proper forum due to the logs included. You will need to be patient before the logs can be reviewed.

Alternatively, if you want the post edited and logs saved so that you can do some preliminary troubleshooting. Let us know which avenue you wish to take.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#4 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern Ohio
  • Local time:12:11 PM

Posted 21 March 2010 - 06:53 PM

More logs than I need. I will go along with cryptodan. Try another mouse; maybe back to the PS2.

#5 PS31

PS31
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Location:Sydney Australia
  • Local time:04:11 AM

Posted 21 March 2010 - 08:28 PM

Replacing the mouse; I did consider it but only replaced the batteris of the mouse and it appears to work fine in other applications, so I am bit unsure if replacing mouse is going to work. Non the leess, I will replace and post back.

Moving topic to another forum; It will be great if you can move the post to appropriate forum for analysis of the logs.

Cheers




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users