# Windows 7 Desktop & Taskbar Keep Refreshing



## cd2702 (Apr 25, 2010)

Noticed this problem began just a couple of days ago. Basically what happens is every 30 seconds or so, the icons on the taskbar turn blank and refresh themselves. The same happens with the icons on the desktop page. Have AVG security and ran a scan yet it turned up nothing. Also ran a scan using Malwarebytes Anti-Malware and it too turned up nothing.

Computer Specs (new to this so forgive me if I leave something crucial out)

Genuine Intel(R) CPU T1350 @ 1.86 GHz 933 MHz
Installed Memory (RAM) : 1.00 GB
32 Bit operating system
Been running Windows 7 Ultimate for almost a month now.

The refreshing usually doesn't take more than a second or two but every now and then windows will crash and reset itself. Also, sometimes it gets stuck refreshing itself and that is quite annoying. 

Thanks for any and all help!


----------



## antech (Feb 23, 2010)

Consider reinstalling the graphic card drivers.


Follow the below instructions Carefully:
1. Download HiJackThis from the link in my signature
2. Run a Scan.
3. Save a Logfile(On your Desktop)
4. DO NOT FIX ANYTHING BY YOURSELF.
(Fixing Anything Might cause Unwanted System Instability,BSOD's and Even Render your System Unusable)
5.Copy and Paste all the contents
6. Paste them in the reply Window


----------



## cd2702 (Apr 25, 2010)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:49 AM, on 4/25/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 6231 bytes


----------



## antech (Feb 23, 2010)

I cant figure out anything by seeing the log.
Run a Quick Scan using SAS and MalwareBytes.
Did the problem persisted from the fresh install of windows 7?
Consider upgrading the graphic card drivers if any updates are available


----------



## Rich-M (May 3, 2006)

I agree I would run malwarebytes for sure, it feels like there is some spyware there but I can't see it and I hope you realize Avg could be worse than useless for protection these days.


----------



## antech (Feb 23, 2010)

Whats the status cd?
BTW,whats your graphic card model no?


----------



## cd2702 (Apr 25, 2010)

Still running the SAS scan; it's only turned up an adware tracking cookie thus far. The malwarebytes scan didn't turn up anything.
Sorry for the dumb question, but I can't figure out how to find the graphics card model no.


----------



## cd2702 (Apr 25, 2010)

Also, rich, what would you recommend for anti-virus protection?


----------



## Rich-M (May 3, 2006)

cd2702 said:


> Also, rich, what would you recommend for anti-virus protection?


I only recommend Nod32 4.0 or Kaspersky Antivirus 2010 these days as I have yet to see an infected pc with either one onboard.


----------



## cd2702 (Apr 25, 2010)

Thanks rich, I'll make the switch soon as I can. 

The SAS scan just finished. I have 72 items of "Adware Tracking Cookies" and 2 items of "Unclassified Unknown Origin".

The two unclassified items are :
L:\12_30_09\!KILLBOX\AMSTREAMD.DLL(1)
L:\12_30_09\!KILLBOX\AMSTREAMD.DLL(2)


----------



## Rich-M (May 3, 2006)

Well the tracking cookies don't mean much and many do not consider them a problem at all, while I do in large quantities, but the "unclassifieds" could either be false positives or the answer.


----------



## cd2702 (Apr 25, 2010)

Well I cleared the items that SAS found and the problem still persists!


----------



## Rich-M (May 3, 2006)

I have asked for a malware specialist to read this log, but before they get here please uninstall the torrent downloader which they will ask you to do anyway.


----------



## cd2702 (Apr 25, 2010)

Alright will do Rich. Thanks for the help.


----------



## dvk01 (Dec 14, 2002)

before going any further with this one


Please go *here* using Internet Explorer.
Click on "Windows Validation Assistant"
Click on the "Validate Now" button.
Be patient while the ActiveX loads, do not click on any links.
Read the instructions on this page while it's loading. You will be prompted to install - click YES.
Enter your product key then click "continue"
When it says "Validation Complete" please click "Continue to return to your previous activity"
Copy what it says and paste it here.

I have never seen windows 7 ultimate on such a low spec computer so need to ensure it is a legitamte version of windows that has been installed


----------



## antech (Feb 23, 2010)

As to find the graphic card make and model no.
1. *Right click* on *Computer.*
2. Click on *device manager* on the left havd side browser tree.
3. The* Device Manager* will open now.
4. *Double Click* on the *Display Adapters.*
*5. Carefully note the name that comes under under it*

*See under this:*









And this :










It should be something like the highlighted above.
(NOTE: Can be anything like Intel/Matrox/ATI/NVIDIA)


----------



## dvk01 (Dec 14, 2002)

This is a common W7 problem with too little memory or when something is crashing explorer, which automatically restarts on W7. It might be malware related but 

NO-ONE is to offer ANY help or further advice until we get the results of the validation. We will not offer any help if it turns out to be a pirate copy


----------



## antech (Feb 23, 2010)

OK


> dvk01


,
SIR.
Roger that


----------



## laughfactory (May 19, 2010)

I have this same problem and my copy of windows 7 is legit (I've validated it and purchased the system new with Win 7 installed). This refresh problem is just irritating as hell, so if you can help me out I'd appreciate it greatly!

When I validated my copy of windows (as you requested of the previous asker) all I got was a message "Windows validation was successful."


----------



## antech (Feb 23, 2010)

laughfactory said:


> I have this same problem and my copy of windows 7 is legit (I've validated it and purchased the system new with Win 7 installed). This refresh problem is just irritating as hell, so if you can help me out I'd appreciate it greatly!
> 
> When I validated my copy of windows (as you requested of the previous asker) all I got was a message "Windows validation was successful."


*Follow the below* *Instructions Carefully*:

*1. Download* *Hijack this* *from the* *link.*

*(Choose the installer of HJT-Hijack This)*

2. *Run a* *Scan*.

*DO NOT FIX ANYTHING BY YOURSELF.*

*(Doing so when NOT Instructed Might cause Unwanted* *System Instability, BSOD's and Even Render your System Unusable*)

*3. Save* a *Log file* *(On your Desktop)*

*4. Copy* *and* *Paste all the contents.*

*5.* *Paste them* *in the* *Reply Window.*

*I am NOT an Authorized Malware Remover.*

*The Log is requested by me only for Optimization Purposes, troubleshooting and removing applications that are causing various problems such as Crashing, BSOD's and Freezing and helping the poster remove any incompatible application/program and driver.*

*I will therefore NOT help if anything related to Malware is found in your log.*

*The thread will then be moved to the Malware Removal Forums for expert assistance.*


----------



## laughfactory (May 19, 2010)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:48:22 AM, on 5/20/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\MHotKey.exe
C:\Windows\ChiFuncExt.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Abe\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gizmo\gizmo.exe
C:\Users\Abe\AppData\Roaming\NppToR\NppToR.exe
C:\Program Files (x86)\TaskCoach\taskcoach.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Windows\CNYHKey.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Windows\ModLedKey.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Minefield\firefox.exe
C:\Program Files (x86)\Minefield\plugin-container.exe
C:\Users\Abe\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Expression\Blend 3\Blend.exe
C:\Program Files (x86)\Microsoft Expression\Blend 3\Microsoft.Expression.WebServer.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Abe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2802&r=173601107807p0338v1i5k4831r232
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2802&r=173601107807p0338v1i5k4831r232
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=sx2802&r=173601107807p0338v1i5k4831r232
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LchDrvKey] LchDrvKey.exe
O4 - HKLM\..\Run: [LedKey] CNYHKey.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Abe\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [rpccrypt3D] rundll32.exe "C:\Users\Abe\AppData\Local\rpccrypt3D\rpccrypt3D.dll", DllInit
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [GizmoDriveDelegate] RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Abe\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: NpptoR.lnk = ?
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Stint.lnk = C:\Program Files (x86)\Stint\Stint.exe
O4 - Startup: Task Coach.lnk = C:\Program Files (x86)\TaskCoach\taskcoach.exe
O4 - Global Startup: Gizmo.lnk = C:\Program Files (x86)\Gizmo\gizmo.exe
O4 - Global Startup: OfficeSAS.lnk = ?
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll/2000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{78D774A2-A736-4A40-BF01-D42985C71792}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{78D774A2-A736-4A40-BF01-D42985C71792}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{78D774A2-A736-4A40-BF01-D42985C71792}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: 
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Gizmo Central - Arainia Solutions - C:\Program Files (x86)\Gizmo\gservice.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Listener Service (sprtlisten) - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\sprtlisten.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zune Wireless Configuration Service (ZuneWlanCfgSvc) - Unknown owner - C:\Windows\system32\ZuneWlanCfgSvc.exe (file missing)

--
End of file - 18850 bytes


----------

