hkcmd and securitystronghold.com

**rfield55** · 10-26-2009, 11:15 AM

my puter is so slow that it takes 15 sec to respond to every mouse click. i suspect something in background is using up my ram (1 GB), etc. i am trying to find out which process (s) might be causing this. i see hkcmd on process list and search for that on net. a co called securitystronghold.com has removal tool for hkcmd and calls it a virus. when i try and download their tool i am suspicious that it is an exe that might be a virus itself. anyone know about hkcmd, is it a virus that should be removed and is this co legit? any other ideas about fixing my slows? thanks

**FadedMaster** · 10-26-2009, 11:27 AM

hkcmd appears to be for an Intel graphics card. Run HijackThis!
http://free.antivirus.com/hijackthis/

And just have it get a log and copy-paste that log on here.

Also, what do you have, if any, for anti-virus and anti-spyware software? Update and run scans with those before running HijackThis.

**rfield55** · 10-27-2009, 05:23 AM

thanks. will try that. i have AVG antivirus which runs automatically twice a day. i have spybot and crapcleaner and malwarebyte which i run abt once a week. slow problem been around several months.

**rfield55** · 10-27-2009, 05:32 AM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:31:26 AM, on 10/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\hkcmd.exe
C:\WINDOWS.0\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS.0\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\PGWARE\SuperRam\SuperRamTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\Documents and Settings\r\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Program Files\PGWARE\SuperRam\SuperRamService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS.0\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS.0\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS.0\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS.0\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS.0\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SuperRam] "C:\Program Files\PGWARE\SuperRam\SuperRamTray.exe" /start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eFax 4.4] "C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe" /R
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\r\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: eFax 4.4.lnk = C:\Program Files\eFax Messenger 4.4\J2GTray.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C9D14EA-583C-4C32-91F9-998AAFF2E4B3}: NameServer = 68.94.156.1 68.94.157.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS.0\SYSTEM32\avgrsstx.dll
O23 - Service: Alfa File Monitor Service (AFMService) - Unknown owner - C:\WINDOWS.0\system32\MultiAppNT.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: SuperRam Memory Service (SuperRam) - PGWARE LLC - C:\Program Files\PGWARE\SuperRam\SuperRamService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 10068 bytes

**DemonBob** · 10-27-2009, 11:29 AM

The below two entries are the only two i see as "bad" according to search's. I know these are related to the ask tool bar, but i also see you have the yahoo toolbar. Why both? I would remove one.

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

File is missing on these so it's ok to remove.

O23 - Service: Alfa File Monitor Service (AFMService) - Unknown owner - C:\WINDOWS.0\system32\MultiAppNT.exe (file missing)

Don't need this at startup.

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

What are the specs of your computer?

Also remove weatherbug, it's spyware infested normally.

**FadedMaster** · 10-27-2009, 03:36 PM

Through your normal means (Add/Remove Programs), uninstall the following if you can:

WeatherBug
SuperRam
Askbar
Yahoo! Toolbar

You don't have to remove the last two if you don't want to. But I personally don't find much use for them and they usually install as part of some other software.

If you don't share any Apple equipment, like AppleTV and such, then you can get rid of Bonjour. iPods will still work for syncing. You can also get rid of Google Update.

I wouldn't bother with any RAM management programs like SuperRam. In my experience, those things tend to do more harm than good. Windows is pretty good about dealing with RAM on it's own.

As DemonBob asked, I would also like to know your PC's specs. Also, after you're done cleaning things up (run CCleaner too), run a defrag of your hard drive.

**rfield55** · 10-28-2009, 01:51 PM

Belarc result

System Security Status CIS Benchmark Score
3.13 of 10 (details...)

Virus Protection
Up-to-date

Microsoft Security Updates
1 missing

Computer Profile Summary
Computer Name: S-1acb3ad0e4104 (in RLF)
Profile Date: Wednesday, October 28, 2009 2:28:02 PM
Advisor Version: 8.1b
Windows Logon: r

Plan for your next computer refresh...
click for Belarc's System Management products

Operating System System Model
Windows XP Professional Service Pack 3 (build 2600)
Install Language: English (United States)
System Locale: English (United States) Dell Inc. OptiPlex GX280
System Service Tag: FFHXJ71 (support for this PC)
Asset Tag: 2504124
Chassis Serial Number: FFHXJ71
Enclosure Type: Desktop
Processor a Main Circuit Board b
2.80 gigahertz Intel Pentium 4
16 kilobyte primary memory cache
1024 kilobyte secondary memory cache
Not hyper-threaded Board: Dell Inc. 0G8310
Serial Number: ..CN137404BT00VJ.
Bus Clock: 800 megahertz
BIOS: Dell Inc. A04 02/09/2005
Drives Memory Modules c,d
39.99 Gigabytes Usable Hard Drive Capacity
10.16 Gigabytes Hard Drive Free Space

SAMSUNG CD-ROM SC-148A
3.5" format removeable media [Floppy drive]

Canon MP480 series USB Device [Hard drive] -- drive 1
ST340014AS [Hard drive] (40.00 GB) -- drive 0, SMART Status: Healthy 1016 Megabytes Usable Installed Memory

Slot 'DIMM1' has 256 MB
Slot 'DIMM2' has 256 MB
Slot 'DIMM3' has 256 MB
Slot 'DIMM4' has 256 MB
Local Drive Volumes

c: (NTFS on drive 0) 39.99 GB 10.16 GB free

Network Drives
None detected
Users (mouse over user name for details) Printers
local user accounts last logon
r 10/28/2009 4:22:22 AM (admin)
local system accounts
Administrator never (admin)
Guest never
HelpAssistant never
SUPPORT_388945a0 never

Marks a disabled account; Marks a locked account Canon MP480 series Printer on USB002
eFax 4.4 on eFax_4_4_Port
KODAK ESP-3 AiO on USB001
Microsoft XPS Document Writer on XPSPort:

Controllers Display
Standard floppy disk controller
Intel(R) 82801FB Ultra ATA Storage Controllers - 2651
Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F
Primary IDE Channel [Controller] (2x) Intel(R) 82915G/GV/910GL Express Chipset Family [Display adapter] (2x)
Aopen F70CS [Monitor] (17.1"vis, s/n 41701562LE09, April 2004)
Bus Adapters Multimedia
Intel(R) 82801FB/FBM USB Universal Host Controller - 2658
Intel(R) 82801FB/FBM USB Universal Host Controller - 2659
Intel(R) 82801FB/FBM USB Universal Host Controller - 265A
Intel(R) 82801FB/FBM USB Universal Host Controller - 265B
Intel(R) 82801FB/FBM USB2 Enhanced Host Controller - 265C SoundMAX Integrated Digital Audio
Virus Protection [Back to Top] new Group Policies
AVG Anti-Virus Free Version 8.5
Virus Definitions Version Up To Date
Realtime File Scanning On
None discovered
Communications Other Devices

Broadcom NetXtreme 57xx Gigabit Controller
primary Auto IP Address: 192.168.1.64 / 16
Gateway: 192.168.0.1
Dhcp Server: 192.168.0.1
Physical Address: 00:11:43:19:19:1A

Networking Dns Servers: 192.168.0.1
68.94.156.1
68.94.157.1
HID-compliant consumer control device (2x)
HID-compliant device
USB Human Interface Device (3x)
Canon MP480 ser
HID Keyboard Device
HID-compliant mouse
Generic USB Hub (2x)
USB Composite Device (2x)
USB Mass Storage Device
USB Printing Support
USB Root Hub (5x)

See your entire network map...
click for Belarc's System Management products

new Network Map (mouse over IP address for physical address) [Back to Top]
IP Device Type Device Details Device Roles
192.168.1.64 Windows XP Workstation S-1acb3ad0e4104 (in RLF),
s-1acb3ad0e4104.domain_not_set.invalid, Dell

Find your security vulnerabilities...
click for Belarc's System Management products

Missing Microsoft Security Hotfixes [Back to Top]
These required security hotfixes (using the 10/13/2009 Microsoft Security Bulletin Summary) were not found installed. Note: CIS benchmarks require that Critical and Important severity security hotfixes must be installed.
Q973923 - Moderate (details...)

Manage all your software licenses...
click for Belarc's System Management products

Software Licenses [Back to Top]

Belarc - Advisor 4952b8f2
Microsoft - Internet Explorer 55274-OEM-0057441-09642 (Key: KGY9K-TY7PT-BBB7M-G9QHW-JQTFT)e
Microsoft - WebFldrs XP 12345-111-1111111-05732
Microsoft - Windows XP Professional 55274-OEM-0057441-09642 (Key: KGY9K-TY7PT-BBB7M-G9QHW-JQTFT)e
PGWARE - SuperRam 331L707C1N20040122154418AA

Find unused software and reduce licensing costs...
click for Belarc's System Management products

new Software Versions & Usage (mouse over i for details, click i for location) [Back to Top]
ı i Adobe Acrobat Version 9.1.0.2009022700
i Adobe AIR 1.0.1 Version 1.0.1
ıı i Adobe Reader Version 9.1.0.2009022700
ı i Alcatel-Lucent - mcci+McciCMService Version 6,6,0,12
ı i Analog Devices, Inc. - SMax4PNP Application Version 5, 2, 0, 5
ı i Apple Inc. - Bonjour Version 1,0,6,2
ı i Apple Inc. - iTunes Version 9.0.1.8
i Apple Inc. - QuickTime QuickTime 7.6.4 (1327.73)
ı i Apple Mobile Device Service Version 2.50.39.0
ı i Apple Software Update Version 2.1.1.116
ı i ArcSoft - PhotoImpression Version 4.0.1.63
i AVG Internet Security Version 8.5.0.422
ı i AWS Convergence Technologies, Inc. - WeatherBug Version 6, 7, 0, 17
ı i Belarc, Inc. - Advisor Version 8.1b
i Broderbund MyJak Version 1, 0, 0, 1
i Cinematronics - 3D Pinball Version 5.1.2600.5512
ı i Core FTP Version 2, 1, 0, 0
i Cosmi Corporation - Auto Update Version 1.0.0.0
i Create and edit drawings, flow charts, and logos by using Draw.
i Create and edit presentations for slideshows, meeting and Web pages by using Impress.
i Create and edit scientific formulas and equations by using Math.
ı i Create and edit text and graphics in letters, reports, documents and Web pages by using Writer.
i Eastman Kodak Company - KODAK AiO Home Center Version 2.4.829.0
ı i Eastman Kodak Company - KODAK AiO Printer Driver Version 2.7.151
ı i Eastman Kodak Company - KodakSvc Version 2.4.829.0
ıı i Google Chrome Version 0.0.0.0
ı i Google Update Version 1.2.131.7
ı i Intel(R) Common User Interface Version 7.0.0.4396
i Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421 - WS_FTP Pro Version 2007,1,0,0
i j2 Global Communications, Inc. - eFax Messenger (tm) Version 4.4.0.514
ı i Malwarebytes' Anti-Malware Version 1.38
i Manage databases, create queries and reports to track and manage your information by using Base.
i Microsoft (R) Windows Script Host Version 5.7.0.18066
ı i Microsoft Corporation - Internet Explorer Version 6.00.2900.5512
i Microsoft Corporation - Messenger Version 4.7.3001 i Microsoft Corporation - Windows Installer - Unicode Version 3.1.4001.5512
i Microsoft Corporation - Windows Movie Maker Version 2.1.4026.0
i Microsoft Corporation - Windows® NetMeeting® Version 3.01
i Microsoft Corporation - Zone.com Version 1.2.626.1
i Microsoft Data Access Components Version 3.525.1132.0
i Microsoft® .NET Framework Version 2.0.50727.3053
i Microsoft® .NET Framework Version 3.0.6920.1427
ı i Microsoft® Windows® Operating System Version 11.0.5721.5145
ı i Mozilla Corporation - Firefox Version 2.0.0.20
ı i MozyHome Remote Backup Version 1.12.1.0
i MozyHome Remote Backup Version 1.14.0.0
ı i OpenOffice.org 3.0
ı i OpenOffice.org 3.0 Version 3.00.9379
ı i Opera Internet Browser Version 10.00
i PCCam
ı i Perform calculation, analyze information and manage lists in spreadsheets by using Calc.
i PGWARE LLC - SuperRam Version 6.0.0.0
i Piriform Ltd - CCleaner Version 2, 23, 0, 999
ı i RealNetworks, Inc. - RealPlayer (32-bit) Version 0.1.1.137
ı i RealNetworks, Inc. - RealPlayer (32-bit) Version 11.0.0.544
i RealNetworks, Inc. - RealPlayer (32-bit) Version 7.0.1.68
ı i REGISTER32 Application Version 3, 1, 0, 1
i Safer Networking Limited - Secure Shredder Version 1.9.0.0
i Safer Networking Limited - Spybot - Search & Destroy Version 1, 5, 2, 0
i Safer Networking Limited - Spybot - Search & Destroy Version 1, 6, 0, 30
ıı i Safer Networking Limited - SpyBot-S&D Version 1, 6, 2, 0
i Smith Micro. All rights reserved. - CheckIt Registry Cleaner Version 2.0.2.6
ı i Sun Microsystems, Inc. - Java(TM) Platform SE 6 U13 Version 6.0.130.3
i sweb.exe
ı i The Church of Jesus Christ of Latter-day Saints - Personal Ancestral File Version 5.2.8.0
ı i The Weather Channel Interactive, Inc. - DW6 Version 6.0.0.11
ı i Trend Micro Inc. - HijackThis Version 2.00.0002
ı i USB DSC Version 1, 7, 2, 8
ı i Yahoo! AutoUpdater Version 1.0.0.53
ı i Yahoo! Messenger Version 9,0,0,2162

i Mouse over to see details, click to see where software is installed.
ı Marks software last used within the past 7 days.
ıı Marks software last used within the past 90 days, but over 7 days ago.
ııı Marks software last used within the past year, but over 90 days ago.
ıııı Marks software last used over 1 year ago.
Unmarked software lacks the data to determine last use.

Audit your security posture...
click for Belarc's System Management products

Installed Microsoft Hotfixes [Back to Top]
.NET Framework 2.0 Service Pack 2
KB958481 on 8/9/2009 (details...)
KB974417 on 10/14/2009 (details...)
.NET Framework 3.0 Service Pack 2
KB958483 on 8/9/2009 (details...)
.NET Framework 3.5 SP1
KB958484 on 8/9/2009 (details...)
KB963707 on 9/2/2009 (details...)
Internet Explorer
SP3 (SP3)
MSXML4SP2
KB954430 on 2/4/2009 (details...)
Windows Media Format 11 SDK
SP0
KB929399 on 9/23/2009 (details...)
Windows Media Player 11
SP0
KB939683 on 9/23/2009 (details...)
KB954154_WM11 on 9/23/2009 (details...)
Windows Media Player
SP0
KB952069_WM9 on 2/5/2009 (details...)
KB954155_WM9 on 10/14/2009 (details...)
KB968816_WM9 on 9/9/2009 (details...)
KB973540_WM9 on 8/13/2009 (details...)
Windows XP
SP0
KB941569 on 9/23/2009 (details...)
SP10
MSCOMPPACKV1 on 9/22/2009 (Microsoft Compression Client Pack 1.0 for Windows XP)
SP3
KB898461 on 2/4/2009 (details...)
SP4
KB923561 on 4/17/2009 (details...)
KB938464 on 2/5/2009 (details...)
KB946648 on 2/5/2009 (details...)
KB950762 on 2/5/2009 (details...)
KB950974 on 2/5/2009 (details...)
KB951066 on 2/5/2009 (details...)
KB951376-V2 on 2/5/2009 (details...)
KB951698 on 2/5/2009 (details...)
KB951748 on 2/5/2009 (details...)
KB951978 on 2/5/2009 (details...)
KB952004 on 4/17/2009 (details...)
KB952287 on 2/5/2009 (details...)
KB952954 on 2/5/2009 (details...)
KB954211 on 2/5/2009 (details...)
KB954459 on 2/5/2009 (details...)
KB954550-V5 on 8/9/2009 (details...)
KB954600 on 2/5/2009 (details...)
KB955069 on 2/5/2009 (details...)
KB955839 on 2/5/2009 (details...)
Windows XP
SP4 (continued)
KB956391 on 2/5/2009 (details...)
KB956572 on 4/17/2009 (details...)
KB956744 on 8/13/2009 (details...)
KB956802 on 2/5/2009 (details...)
KB956803 on 2/5/2009 (details...)
KB956841 on 2/5/2009 (details...)
KB956844 on 9/9/2009 (details...)
KB957097 on 2/5/2009 (details...)
KB958215 on 2/5/2009 (details...)
KB958644 on 2/5/2009 (details...)
KB958687 on 2/5/2009 (details...)
KB958690 on 4/6/2009 (details...)
KB958869 on 10/14/2009 (details...)
KB959426 on 4/17/2009 (details...)
KB960225 on 4/6/2009 (details...)
KB960714 on 2/5/2009 (details...)
KB960715 on 2/11/2009 (details...)
KB960803 on 4/17/2009 (details...)
KB960859 on 8/13/2009 (details...)
KB961118 on 8/10/2009 (details...)
KB961371 on 7/16/2009 (details...)
KB961373 on 4/17/2009 (details...)
KB961501 on 6/12/2009 (details...)
KB963027 on 4/17/2009 (details...)
KB967715 on 2/25/2009 (details...)
KB968389 on 10/14/2009 (details...)
KB968537 on 6/12/2009 (details...)
KB969059 on 10/14/2009 (details...)
KB969897 on 6/12/2009 (details...)
KB969898 on 6/12/2009 (details...)
KB970238 on 6/12/2009 (details...)
KB970653-V3 on 8/26/2009 (details...)
KB971486 on 10/14/2009 (details...)
KB971557 on 8/13/2009 (details...)
KB971633 on 7/16/2009 (details...)
KB971657 on 8/13/2009 (details...)
KB971961 on 9/9/2009 (details...)
KB972260 on 7/30/2009 (details...)
KB973346 on 7/16/2009 (details...)
KB973354 on 8/13/2009 (details...)
KB973507 on 8/13/2009 (details...)
KB973525 on 10/14/2009 (details...)
KB973815 on 8/13/2009 (details...)
KB973869 on 8/13/2009 (details...)
KB974112 on 10/14/2009 (details...)
KB974455 on 10/14/2009 (details...)
KB974571 on 10/14/2009 (details...)
KB975025 on 10/14/2009 (details...)
KB975467 on 10/14/2009 (details...)

sorry for length of these

i have removed ask and yahoo toolbars, and bonjour. want to keep wetherbug and superram. had these for years and never noticed slow caused by them. did run defrag yesterday.

**rfield55** · 10-28-2009, 02:11 PM

forgot to say thanks to you guys. very helpful.
i dont know how to remove
O23 - Service: Alfa File Monitor Service (AFMService) - Unknown owner - C:\WINDOWS.0\system32\MultiAppNT.exe (file missing)

Don't need this at startup.

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

would that be via dos window and rem or del command?
i have run crapcleaner and pc optimizer too.

**FadedMaster** · 10-29-2009, 02:46 PM

In Hijack This, check the box next to it, and choose "Fix" or something along those lines. I don't recall exactly what the button is.

» Forum Navigation

» Advertisement