I have tried everything mentioned to fix the problem. I can't get it to work in safe mode neither. It goes to 82k objects in registry scan and hangs up. I have included a HJT log to see if you huys see anything.Thanks
Logfile of HijackThis v1.99.1
Scan saved at 8:43:15 PM, on 8/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NSClean\BOClean\BOCORE.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\apvxdwin.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\PROGRA~1\NSClean\BOClean\BOC421.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Thunderbird-Tray\TBTray.exe
C:\PROGRAM FILES\MAXTHON\MAXTHON.EXE
C:\PROGRA~1\MOZILL~1\thunderbird.exe
C:\Program Files\ZipGenius 6\zipgenius.exe
C:\Documents and Settings\HP_Owner\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bellsouth.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8129
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [BOC-421] C:\PROGRA~1\NSClean\BOClean\BOC421.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [KBD] "C:\HP\KBD\KBD.EXE"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\SSUPDATE.EXE" Software\SUPERAntiSpyware.com\SUPERAntiSpyware
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: TB-Tray.lnk = C:\Program Files\Thunderbird-Tray\TBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\Add_Url.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra 'Tools' menuitem: RoboForm Options - {320AF880-6646-11D3-ABEE-C5DBF3571F4C} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComOptions.html
O9 - Extra button: Customize - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra 'Tools' menuitem: Customize Menu - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Sandboxie Toolbar - {11E506DC-0976-4CDA-BB30-37E60A2F2F46} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: Sandboxie - {11E506DC-0976-4CDA-BB30-37E60A2F2F46} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://65.83.242.107/sdccommon/download/tgctlcm.cab
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1137805340093
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} - http://download.zonelabs.com/bin/promotion...canner37710.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} -
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: BOCore - Privacy Software Corporation - C:\Program Files\NSClean\BOClean\BOCORE.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program files\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\psimsvc.exe
O23 - Service: SageTV - Frey Technologies, LLC - C:\Program Files\SageTV\SageTV\SageTVService.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, August 02, 2006 8:41:38 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R117 02.08.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
8-2-2006 8:41:38 PM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 608
ThreadCreationTime : 8-3-2006 12:24:35 AM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 700
ThreadCreationTime : 8-3-2006 12:24:43 AM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\SYSTEM32\
ProcessID : 732
ThreadCreationTime : 8-3-2006 12:24:45 AM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 776
ThreadCreationTime : 8-3-2006 12:24:47 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 8-3-2006 12:24:47 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 940
ThreadCreationTime : 8-3-2006 12:24:49 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [tpsrv.exe]
FilePath : C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\
ProcessID : 1004
ThreadCreationTime : 8-3-2006 12:24:50 AM
BasePriority : Normal
FileVersion : 7, 0, 0, 0
ProductVersion : 7, 0, 0, 0
ProductName : TPSrv Application
CompanyName : Panda Software
FileDescription : TPSrv Application
InternalName : TPSrv
LegalCopyright : © 2006 Panda Software. All rights reserved.
OriginalFilename : TPSrv.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1108
ThreadCreationTime : 8-3-2006 12:25:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [pavsrv51.exe]
FilePath : C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\
ProcessID : 1204
ThreadCreationTime : 8-3-2006 12:25:04 AM
BasePriority : High
FileVersion : 2, 0, 1840, 22
ProductVersion : 2.0.1840.21
ProductName : Panda Antivirus for Windows NT/2000/XP/2003
CompanyName : Panda Software International
FileDescription : On-Access Antivirus Scanner Service.
InternalName : pavsrv.exe
LegalCopyright : © Panda Software 2006.
#:10 [avengine.exe]
FilePath : C:\Program Files\Panda Software\Panda Platinum 2006 Internet Security\
ProcessID : 1260
ThreadCreationTime : 8-3-2006 12:25:05 AM
BasePriority : Normal
FileVersion : 2, 0, 1840, 26
ProductVersion : 2.0.1840.25
ProductName : Panda Antimalware File Protection
CompanyName : Panda Software International
FileDescription : Enhanced On-Access Antivirus Scanner Process.
InternalName : avengine
LegalCopyright : © Panda Software 2006.
OriginalFilename : avengine.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1432
ThreadCreationTime : 8-3-2006 12:25:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
<STOP>
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
8:41:48 PM Scan stopped by user
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:00:09.390
Objects scanned:800
Objects identified:0
Objects ignored:0
New critical objects:0
Full Version: SE freezes.HJT log included
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Ad-Aware SE Resolved/Inactive Issues
Hi bmwowner,
The HJT experts need to see the header of your HJT log, something like this example:
Also, posting an up-to-date Ad-Aware scan log would assist them .
Please make sure that you are using
Ad-aware SE Build 106r1
Note: If your version is 6.0 and not the SE, you need to uninstall and get the latest version from the above link.
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
SE1R117 02.08.2006 NB: when you click the up-date button, it may tell you that version SE1R140 is ready - ignore this typo, as SE1R117 will download
To do this Open Ad-aware
Click the WebUpDate
button at the top right hand side of the Ad-aware screen (The world globe).
Click "Connect"
Ad-aware will then download the latest Definition file for you.
To make sure it is updated , look at the main
Ad-aware screen, and look under "Initialization Status"
It should say the Latest Definition file.
then scan doing a "FullScan"
and then post your logfile here by using the Add-Reply Feature .
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all
Thanks,
Spike
The HJT experts need to see the header of your HJT log, something like this example:
QUOTE
Logfile of HijackThis v1.99.1
Scan saved at 23:11:46, on 28/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Scan saved at 23:11:46, on 28/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Also, posting an up-to-date Ad-Aware scan log would assist them .
Please make sure that you are using
Ad-aware SE Build 106r1
Note: If your version is 6.0 and not the SE, you need to uninstall and get the latest version from the above link.
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
SE1R117 02.08.2006 NB: when you click the up-date button, it may tell you that version SE1R140 is ready - ignore this typo, as SE1R117 will download
To do this Open Ad-aware
Click the WebUpDate
button at the top right hand side of the Ad-aware screen (The world globe).
Click "Connect"
Ad-aware will then download the latest Definition file for you.
To make sure it is updated , look at the main
Ad-aware screen, and look under "Initialization Status"
It should say the Latest Definition file.
then scan doing a "FullScan"
and then post your logfile here by using the Add-Reply Feature .
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all
Thanks,
Spike
Ok. I just edited my previous post with the info.
Anybody?
Hi bmwowner
Sorry for the delay - LS CalamityJane will be with you shortly - you might have noticed from all the new posts, that she is pretty snowed-under right now.
Please be patient - and bumping your post slows things down, as they answered from oldest to newest
Regards,
Spike
Sorry for the delay - LS CalamityJane will be with you shortly - you might have noticed from all the new posts, that she is pretty snowed-under right now.
Please be patient - and bumping your post slows things down, as they answered from oldest to newest
Regards,
Spike
Hi ,
Apologies for the late reply, we've been quite swamped in here as you can probably see.
Are you still needing help?
I'm now subscribed to this topic so I will receive a notice from the board as soon as you reply, so I can be here much more quickly than it has taken to get to your new topic.
I don't see any problems in your logs, I think we can rule out malware.
You do need to fix the 015 items, that is caused by BOClean when you test it with Leaktester or if it finds a nasty on your PC, it doesn't re-set those zones right, so HJT mis-interprets them. Just scan with HijackThis and checkmark the 015's then press the *fix checked* button.
........................................................
Here's my list of known steps to try for Adaware Freezing issues.
One observation recently for the freezing is that certain security software all running at the same time can cause conflicts. A number of Adaware users who also are running the beta version of SpySweeper have reported that disabling SpySweeper during an Adaware scan has resolved that conflict.
To temporarily disable SpySweeper:
Right click the Spy sweeper icon in the notification area (right side) of the system tray and choose shut down.
Try scanning again with Adaware, it should be able to complete the scan.
To re-enable SpySweeper:
Start it again from Start > All programs > Webroot > Spy Sweeper
...............................
If that isn't it, try these various steps.
First, do a disk cleanup to clear the browser cache and other unnecessary files.
Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.
Temporary Files
Temporary Internet Files
Recycle Bin
If you are still having a problem, there can be a number of reasons for this issue. Please try these steps next to see if any resolve the problem.
From the Ad-Aware FAQ
Q: Ad-Aware freezes while performing a scan.
A: There are a number of possible reasons behind this problem. To correct:
* First, update to Build 1.06 and download the latest definition file if you have not done so.
* Second, it is highly recommended that you run a disk defragmentation on your computer, then a thorough “Check� or “Scan Disk� depending on your Windows version. Try scanning in safe mode.
* Third, start Ad-Aware scan from the Windows command line. Do as follows:
o Click "Start", then "Run". Next, type the text shown below (including the quotation marks and with the same spacing as shown) for your version of Ad-Aware SE:
"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnukep
o Click “OK�.
o Note: The path above (between the quotes) is the default location of Ad-Aware SE. If you installed your Ad-Aware to a different directory, adjust the path accordingly. For Ad-Aware SE Personal, when the GUI launches, click “Start�, then “Full System Scan�. Click “Next�, then “OK�.
o When the scan is complete, select “Next�. In the “Scanning Results� window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove, then click “Next�, then OK�.
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
If still no joy, try these steps:
Ad-Aware Freezing Issue
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
.
Apologies for the late reply, we've been quite swamped in here as you can probably see.
Are you still needing help?
I'm now subscribed to this topic so I will receive a notice from the board as soon as you reply, so I can be here much more quickly than it has taken to get to your new topic.
I don't see any problems in your logs, I think we can rule out malware.
You do need to fix the 015 items, that is caused by BOClean when you test it with Leaktester or if it finds a nasty on your PC, it doesn't re-set those zones right, so HJT mis-interprets them. Just scan with HijackThis and checkmark the 015's then press the *fix checked* button.
........................................................
Here's my list of known steps to try for Adaware Freezing issues.
One observation recently for the freezing is that certain security software all running at the same time can cause conflicts. A number of Adaware users who also are running the beta version of SpySweeper have reported that disabling SpySweeper during an Adaware scan has resolved that conflict.
To temporarily disable SpySweeper:
Right click the Spy sweeper icon in the notification area (right side) of the system tray and choose shut down.
Try scanning again with Adaware, it should be able to complete the scan.
To re-enable SpySweeper:
Start it again from Start > All programs > Webroot > Spy Sweeper
...............................
If that isn't it, try these various steps.
First, do a disk cleanup to clear the browser cache and other unnecessary files.
Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.
Temporary Files
Temporary Internet Files
Recycle Bin
If you are still having a problem, there can be a number of reasons for this issue. Please try these steps next to see if any resolve the problem.
From the Ad-Aware FAQ
Q: Ad-Aware freezes while performing a scan.
A: There are a number of possible reasons behind this problem. To correct:
* First, update to Build 1.06 and download the latest definition file if you have not done so.
* Second, it is highly recommended that you run a disk defragmentation on your computer, then a thorough “Check� or “Scan Disk� depending on your Windows version. Try scanning in safe mode.
* Third, start Ad-Aware scan from the Windows command line. Do as follows:
o Click "Start", then "Run". Next, type the text shown below (including the quotation marks and with the same spacing as shown) for your version of Ad-Aware SE:
"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnukep
o Click “OK�.
o Note: The path above (between the quotes) is the default location of Ad-Aware SE. If you installed your Ad-Aware to a different directory, adjust the path accordingly. For Ad-Aware SE Personal, when the GUI launches, click “Start�, then “Full System Scan�. Click “Next�, then “OK�.
o When the scan is complete, select “Next�. In the “Scanning Results� window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove, then click “Next�, then OK�.
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
If still no joy, try these steps:
Ad-Aware Freezing Issue
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
.
Thanks for the reply. I have already tried all the mentioned solutions to no avail. The program would freeze at the same point previously and then I would run it in Safe mode and it worked fine. Now it won't even scan in safe mode?
Look in the XP Event Viewer for any red error items under Applications. Copy them to clipboard using the little textpad looking button and paste into notepad. See if there are any errors specifically for when Adaware freezes or hangs.
Go to Start > Run and type in the box: eventvwr
and press *ok*
Choose applications.
Go to Start > Run and type in the box: eventvwr
and press *ok*
Choose applications.
Checked it and I did have some errors,but none were pointed to Adaware according to the properties tab.
I'm out of ideas. I think because Ad-aware didn't crash it didn't create an error report.
Could you try checking on those other errors incase they are related. Follow any links for more info in the error reports to see if there are any solutions offered for those errors.
Have you added any new software lately? Have any of your security software had an upgrade (to a new version) lately?
Could you try checking on those other errors incase they are related. Follow any links for more info in the error reports to see if there are any solutions offered for those errors.
Have you added any new software lately? Have any of your security software had an upgrade (to a new version) lately?
I'll try that. As fo new programs/updates.There hasn't been anything that I recall. Thanks for the Help though!
Ok, let me know if you find anything interesting in the error report links. Sometimes it can be something totally unrelated to (what appears to be) Ad-Aware, like the need for updated drivers for other other things..
Well,
I don't see anything in th elogs that is causing my problem,I even did a full reinstall. The only way that I can get Adaware to finish a scan is to uncheck the scan registry and deep scan registry options.
I don't see anything in th elogs that is causing my problem,I even did a full reinstall. The only way that I can get Adaware to finish a scan is to uncheck the scan registry and deep scan registry options.
Did you do these? (Start > All programs > Accessories > System tools:
1. Disk Cleanup
2. Disk Defragmenter
3. and the CHKDISK described here:
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
1. Disk Cleanup
2. Disk Defragmenter
3. and the CHKDISK described here:
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
Yeah. I have tried all of that. I did another Rootkit scan and only found this
HKLM\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ParseAutoexec 8/10/2006 4:37 PM 5 bytes Data mismatch between Windows API and raw hive data.
D: 0 bytes Error mounting volume
HKLM\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ParseAutoexec 8/10/2006 4:37 PM 5 bytes Data mismatch between Windows API and raw hive data.
D: 0 bytes Error mounting volume
Nope, "Data mismatch" is not indicative of a rootkit.
It looks like we have tried about everything possible to fix this,so I'll keep playing around with things to see if I get it to work. Thanks for all your help.It's appreciated. 
Well
It wil finish a scan if I uncheck deep scan registry. If I leave it checked,it locks up and says that I have 3 baddies. It won'tlet me get rid of them though,I have to hit cancel twice to get it to un freeze and then the option to remove them is gone.
It wil finish a scan if I uncheck deep scan registry. If I leave it checked,it locks up and says that I have 3 baddies. It won'tlet me get rid of them though,I have to hit cancel twice to get it to un freeze and then the option to remove them is gone.
QUOTE(bmwowner @ Aug 10 2006, 09:30 PM) 
Well
If I leave it checked,it locks up and says that I have 3 baddies.
If I leave it checked,it locks up and says that I have 3 baddies.
What details on these "3 baddies" that are found can you get? That might be a clue!
QUOTE(LS CalamityJane @ Aug 11 2006, 09:12 AM)
What details on these "3 baddies" that are found can you get? That might be a clue!
It only tells me that they are in the Registry file. I can't get anything else except the scan results which say...
objects scanned 1234567890
objects ignored 4
objects identifies 9999
total new objects 99
Well,
I have tried everything again to try to get it to work and It will scan as long as I don't have Deep Scan Registry enabled. I don't understand this?
I have tried everything again to try to get it to work and It will scan as long as I don't have Deep Scan Registry enabled. I don't understand this?
I give up! I have tried all that I know to get SE to finish a scan. If I do a custom scan and uncheck DEEP SCAN REGISTRY,then I get a full scan. If I check it,the problem occurs. Just going to set back and maybe someone else will figure out something I can check.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.