Security Center grayed out.....please look at my hijackthis log. [Archive]

View Full Version : Security Center grayed out.....please look at my hijackthis log.

Thirsty4Knowledge

05-08-2007, 08:57 PM

Hello everyone,

The Security Center on my laptop computer is grayed out all of the sudden. I suspect that I have been hijacked with spyware or malware. Can you please take a look at my hijackthis log and tell me what needs to be removed? Thanks.

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\winlogin7.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinAce\WinAce.exe
C:\DOCUME~1\RDH~1.HOM\LOCALS~1\Temp\~AceTemp\hijac kthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mininova.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O1 - Hosts: 108.112.42.206 ad.doubleclick.net
O1 - Hosts: 178.95.95.213 ad.fastclick.net
O1 - Hosts: 107.116.117.138 ads.fastclick.net
O1 - Hosts: 174.15.27.94 ar.atwola.com
O1 - Hosts: 115.27.183.221 atdmt.com
O1 - Hosts: 108.15.197.227 awaps.net
O1 - Hosts: 180.66.164.240 banner.fastclick.net
O1 - Hosts: 112.56.109.230 banners.fastclick.net
O1 - Hosts: 180.140.140.115 click.atdmt.com
O1 - Hosts: 104.148.31.185 clicks.atdmt.com
O1 - Hosts: 111.57.62.146 engine.awaps.net
O1 - Hosts: 100.178.73.135 fastclick.net
O1 - Hosts: 109.92.142.185 media.fastclick.net
O1 - Hosts: 109.170.21.186 spd.atdmt.com
O1 - Hosts: 186.54.74.45 www.awaps.net
O1 - Hosts: 105.116.161.207 www.fastclick.net
O1 - Hosts: 108.51.94.92 awaps.net
O1 - Hosts: 102.35.134.158 fastclick.net
O1 - Hosts: 102.158.3.18 akamai.net
O1 - Hosts: 179.147.199.183 www.antivir.de
O1 - Hosts: 105.108.119.104 antivir.de
O1 - Hosts: 181.87.27.164 drweb.com
O1 - Hosts: 110.60.112.152 www.drweb.com
O1 - Hosts: 173.72.89.247 drweb.ru
O1 - Hosts: 111.9.106.84 www.clamav.net
O1 - Hosts: 179.134.219.18 clamav.net
O1 - Hosts: 104.145.107.4 www.bitdefender.ru
O1 - Hosts: 186.223.18.161 bitdefender.ru
O1 - Hosts: 100.125.216.116 open.by
O1 - Hosts: 175.210.118.4 vba32.de
O1 - Hosts: 106.43.202.48 www.open.by
O1 - Hosts: 114.221.90.151 lavasoft.de
O1 - Hosts: 176.168.161.132 rs01.avast.com
O1 - Hosts: 113.196.23.53 sm01.avast.com
O1 - Hosts: 173.85.201.82 rs02.avast.com
O1 - Hosts: 100.83.75.234 sm02.avast.com
O1 - Hosts: 178.94.124.98 rs03.avast.com
O1 - Hosts: 115.115.189.31 sm03.avast.com
O1 - Hosts: 179.82.30.213 rs04.avast.com
O1 - Hosts: 108.6.5.208 sm04.avast.com
O1 - Hosts: 184.166.75.163 rs05.avast.com
O1 - Hosts: 109.98.190.168 sm05.avast.com
O1 - Hosts: 185.166.221.212 rs06.avast.com
O1 - Hosts: 101.71.169.118 sm06.avast.com
O1 - Hosts: 183.68.192.179 rs07.avast.com
O1 - Hosts: 113.156.186.65 sm07.avast.com
O1 - Hosts: 173.216.20.157 rs08.avast.com
O1 - Hosts: 115.25.97.195 sm08.avast.com
O1 - Hosts: 185.172.91.117 rs09.avast.com
O1 - Hosts: 103.56.26.4 sm09.avast.com
O1 - Hosts: 187.21.191.24 rs10.avast.com
O1 - Hosts: 106.135.126.37 sm10.avast.com
O1 - Hosts: 186.92.191.182 rs11.avast.com
O1 - Hosts: 101.151.218.40 sm11.avast.com
O1 - Hosts: 182.12.173.157 rs12.avast.com
O1 - Hosts: 102.44.86.6 sm12.avast.com
O1 - Hosts: 187.177.109.41 rs13.avast.com
O1 - Hosts: 100.135.39.7 sm13.avast.com
O1 - Hosts: 183.4.26.28 rs14.avast.com
O1 - Hosts: 109.152.56.132 sm14.avast.com
O1 - Hosts: 174.22.52.47 rs15.avast.com
O1 - Hosts: 112.44.76.101 sm15.avast.com
O1 - Hosts: 176.24.2.108 rs16.avast.com
O1 - Hosts: 104.88.100.68 sm16.avast.com
O1 - Hosts: 175.209.96.55 rs17.avast.com
O1 - Hosts: 108.136.54.58 sm17.avast.com
O1 - Hosts: 182.81.75.62 rs18.avast.com
O1 - Hosts: 100.132.172.31 sm18.avast.com
O1 - Hosts: 183.224.68.115 rs19.avast.com
O1 - Hosts: 103.144.191.113 sm19.avast.com
O1 - Hosts: 184.193.195.14 rs20.avast.com
O1 - Hosts: 103.69.72.110 sm20.avast.com
O1 - Hosts: 176.169.145.194 rs21.avast.com
O1 - Hosts: 105.200.223.248 sm21.avast.com
O1 - Hosts: 176.72.49.72 rs22.avast.com
O1 - Hosts: 105.200.136.24 sm22.avast.com
O1 - Hosts: 184.106.33.253 rs23.avast.com
O1 - Hosts: 112.106.95.4 sm23.avast.com
O1 - Hosts: 176.15.175.146 rs24.avast.com
O1 - Hosts: 115.172.124.52 sm24.avast.com
O1 - Hosts: 174.173.108.253 rs25.avast.com
O1 - Hosts: 111.199.132.183 sm25.avast.com
O1 - Hosts: 181.141.199.236 rs26.avast.com
O1 - Hosts: 108.110.4.67 sm26.avast.com
O1 - Hosts: 187.38.57.188 rs27.avast.com
O1 - Hosts: 110.153.170.218 sm27.avast.com
O1 - Hosts: 184.120.97.180 rs28.avast.com
O1 - Hosts: 104.221.204.97 sm28.avast.com
O1 - Hosts: 184.87.84.126 rs29.avast.com
O1 - Hosts: 113.158.156.12 sm29.avast.com
O1 - Hosts: 175.137.116.58 rs30.avast.com
O1 - Hosts: 106.89.171.42 sm30.avast.com
O1 - Hosts: 181.63.155.14 downloadhosting.core.ignum.cz
O1 - Hosts: 108.171.61.165 download25.avast.com
O1 - Hosts: 180.78.122.242 www.avast.com
O1 - Hosts: 105.94.46.61 avast.com
O1 - Hosts: 101.219.196.161 www.clamwin.com
O1 - Hosts: 177.93.131.172 clamwin.com
O1 - Hosts: 113.178.206.30 213.219.245.4
O1 - Hosts: 178.169.49.160 files.referats.net
O1 - Hosts: 104.83.9.105 database.clamav.net
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {36DBC179-A19F-48F2-B16A-6A3E19B42A87} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {81A35F39-4850-474E-92C9-B4CF283207E0} - (no file)
O2 - BHO: (no name) - {850C7964-9320-4055-BE11-7D7B562A6417} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [dgfdgdfg] df23.exe
O4 - HKLM\..\Run: [plscd Monitor] plscg.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 1.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Espon Mon37] sys23.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DRam presessar] idet.exe
O4 - HKLM\..\Run: [MSRTspro2] msrtspr1.exe
O4 - HKLM\..\Run: [Microsoft32] win32sys.exe
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SvcManager] winlogin7.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunServices: [dgfdgdfg] df23.exe
O4 - HKLM\..\RunServices: [plscd Monitor] plscg.exe
O4 - HKLM\..\RunServices: [DRam presessar] idet.exe
O4 - HKLM\..\RunServices: [Microsoft32] win32sys.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://support2.charter.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061023/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/installer.v4/vet_install_premium.pl?1&6&04.00.09.13&premium&nocookie&http://www.toyota.com/vehicles/2007/fjcruiser/features.html?noreloadredir
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146832552706
O16 - DPF: {87587503-20F0-4FF5-8DA3-0106C4C03FDC} (vmLaunch Class) - http://www.vibephone.com/vm/vmdata/download/1006-Charter/vmLauncher.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: MSN Messenger - {280A7B65-8F00-438F-3E5A-1F039433FE60} - C:\WINDOWS\system32\dssdll32.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:\WINDOWS\csrss.exe (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Unknown owner - C:\WINDOWS\system32\HPConfig.exe (file missing)
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Microsoft Validation Service - Unknown owner - C:\WINDOWS\mvsr32.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: Zune Network Sharing Service (ZuneNetworkSvc) - Unknown owner - C:\Program Files\Zune\ZuneNss.exe (file missing)

nightwolf

05-08-2007, 09:46 PM

go to hijackthis.de and do a self analysis

Thirsty4Knowledge

05-08-2007, 10:10 PM

I went to the site you suggested. Here is a log of what it came up with. I am kind of nervous about removing things. Obviously, I will remove the ones that say "must be or should be fixed" but I need a little advice on other things. Please advise me what to do with the rest of this.

Thanks.

A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft's windowsupdate site to download the newest version of the service pack.
We didn't detect any active process of a firewall on your system. Reasons maybe:
(1.) You are using the windows firewall or a hardware firewall.
(2.) You are using a firewall of an unknown vendor.
(3.) You are using a firewall, but for unknown reasons it is disabled
(4.) You don't use any firewall at all.
We recommend you to use a firewall. Download and install one or activate windows xp´s own one. In case you got questions or you want us to add the firewall you use to our database, contact us at our forum.
Actions Entry Kind Visitor's assessment Information
C:\WINDOWS\System32\smss.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\winlogon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\services.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\lsass.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\spoolsv.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\NavNT\rtvscan.exe
Very safe
Possibly nasty! According to our database this process runs normally in c:\programme\symantec.*\! Check if you know this process and arrange a viruscheck where required. Symantec Corporate Edition
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
Neutral
Win VNC
C:\WINDOWS\Explorer.EXE
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Very safe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Safe

C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
Safe
Java Runtime
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Very safe
ATI Desktop Control Panel from ATI Technologies
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
Safe
Install shield update service
C:\WINDOWS\system32\winlogin7.exe
Fuzzy Algorithmcheck (1.5 / 5.00), Nasty
C:\WINDOWS\system32\ctfmon.exe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Messenger\msmsgs.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
Safe
Associated with GoogleToolbarNotifier from Google Inc.
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
Neutral
Nero Burning Monitor
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
Neutral
Ahead Nero
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

Nero Indexing Service
C:\Program Files\BitLord\BitLord.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\IEXPLORE.EXE
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\rundll32.exe
Neutral
RUNDLL32 is the Microsoft Windows program that loads DLLs into memory so that they can be used by specific programs or by Windows.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\WinAce\WinAce.exe
Very safe
WinAce
C:\DOCUME~1\RDH~1.HOM\LOCALS~1\Temp\~AceTemp\hijac kthis\HijackThis.exe
Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups! Tool, mit dem sie dieses Logfile erzeugt haben. Das Programm sollte so angelegt sein ! C:\Programme\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mininova.org/
This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Neutral This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This page has been identified as safe.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This page has been identified as safe.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Neutral This page has been identified as safe.
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Neutral
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
Very safe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Very safe
O1 - Hosts: 108.112.42.206 ad.doubleclick.net
Extremely nasty
O1 - Hosts: 178.95.95.213 ad.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 107.116.117.138 ads.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 174.15.27.94 ar.atwola.com
Must be fixed!
O1 - Hosts: 115.27.183.221 atdmt.com
Must be fixed!
O1 - Hosts: 108.15.197.227 awaps.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 180.66.164.240 banner.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 112.56.109.230 banners.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 180.140.140.115 click.atdmt.com
Must be fixed!
O1 - Hosts: 104.148.31.185 clicks.atdmt.com
Must be fixed!
O1 - Hosts: 111.57.62.146 engine.awaps.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 100.178.73.135 fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 109.92.142.185 media.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 109.170.21.186 spd.atdmt.com
Must be fixed!
O1 - Hosts: 186.54.74.45 www.awaps.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 105.116.161.207 www.fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 108.51.94.92 awaps.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 102.35.134.158 fastclick.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 102.158.3.18 akamai.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 179.147.199.183 www.antivir.de
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 105.108.119.104 antivir.de
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 181.87.27.164 drweb.com
Must be fixed!
O1 - Hosts: 110.60.112.152 www.drweb.com
Must be fixed!
O1 - Hosts: 173.72.89.247 drweb.ru
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 111.9.106.84 www.clamav.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 179.134.219.18 clamav.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 104.145.107.4 www.bitdefender.ru
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 186.223.18.161 bitdefender.ru
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 100.125.216.116 open.by
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 175.210.118.4 vba32.de
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 106.43.202.48 www.open.by
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 114.221.90.151 lavasoft.de
Must be fixed!
O1 - Hosts: 176.168.161.132 rs01.avast.com
Must be fixed!
O1 - Hosts: 113.196.23.53 sm01.avast.com
Must be fixed!
O1 - Hosts: 173.85.201.82 rs02.avast.com
Must be fixed!
O1 - Hosts: 100.83.75.234 sm02.avast.com
Must be fixed!
O1 - Hosts: 178.94.124.98 rs03.avast.com
Must be fixed!
O1 - Hosts: 115.115.189.31 sm03.avast.com
Must be fixed!
O1 - Hosts: 179.82.30.213 rs04.avast.com
Must be fixed!
O1 - Hosts: 108.6.5.208 sm04.avast.com
Must be fixed!
O1 - Hosts: 184.166.75.163 rs05.avast.com
Must be fixed!
O1 - Hosts: 109.98.190.168 sm05.avast.com
Must be fixed!
O1 - Hosts: 185.166.221.212 rs06.avast.com
Must be fixed!
O1 - Hosts: 101.71.169.118 sm06.avast.com
Must be fixed!
O1 - Hosts: 183.68.192.179 rs07.avast.com
Must be fixed!
O1 - Hosts: 113.156.186.65 sm07.avast.com
Must be fixed!
O1 - Hosts: 173.216.20.157 rs08.avast.com
Must be fixed!
O1 - Hosts: 115.25.97.195 sm08.avast.com
Must be fixed!
O1 - Hosts: 185.172.91.117 rs09.avast.com
Must be fixed!
O1 - Hosts: 103.56.26.4 sm09.avast.com
Must be fixed!
O1 - Hosts: 187.21.191.24 rs10.avast.com
Must be fixed!
O1 - Hosts: 106.135.126.37 sm10.avast.com
Must be fixed!
O1 - Hosts: 186.92.191.182 rs11.avast.com
Must be fixed!
O1 - Hosts: 101.151.218.40 sm11.avast.com
Must be fixed!
O1 - Hosts: 182.12.173.157 rs12.avast.com
Must be fixed!
O1 - Hosts: 102.44.86.6 sm12.avast.com
Must be fixed!
O1 - Hosts: 187.177.109.41 rs13.avast.com
Must be fixed!
O1 - Hosts: 100.135.39.7 sm13.avast.com
Must be fixed!
O1 - Hosts: 183.4.26.28 rs14.avast.com
Must be fixed!
O1 - Hosts: 109.152.56.132 sm14.avast.com
Must be fixed!
O1 - Hosts: 174.22.52.47 rs15.avast.com
Must be fixed!
O1 - Hosts: 112.44.76.101 sm15.avast.com
Must be fixed!
O1 - Hosts: 176.24.2.108 rs16.avast.com
Must be fixed!
O1 - Hosts: 104.88.100.68 sm16.avast.com
Must be fixed!
O1 - Hosts: 175.209.96.55 rs17.avast.com
Must be fixed!
O1 - Hosts: 108.136.54.58 sm17.avast.com
Must be fixed!
O1 - Hosts: 182.81.75.62 rs18.avast.com
Must be fixed!
O1 - Hosts: 100.132.172.31 sm18.avast.com
Must be fixed!
O1 - Hosts: 183.224.68.115 rs19.avast.com
Must be fixed!
O1 - Hosts: 103.144.191.113 sm19.avast.com
Must be fixed!
O1 - Hosts: 184.193.195.14 rs20.avast.com
Must be fixed!
O1 - Hosts: 103.69.72.110 sm20.avast.com
Must be fixed!
O1 - Hosts: 176.169.145.194 rs21.avast.com
Must be fixed!
O1 - Hosts: 105.200.223.248 sm21.avast.com
Must be fixed!
O1 - Hosts: 176.72.49.72 rs22.avast.com
Must be fixed!
O1 - Hosts: 105.200.136.24 sm22.avast.com
Must be fixed!
O1 - Hosts: 184.106.33.253 rs23.avast.com
Must be fixed!
O1 - Hosts: 112.106.95.4 sm23.avast.com
Must be fixed!
O1 - Hosts: 176.15.175.146 rs24.avast.com
Must be fixed!
O1 - Hosts: 115.172.124.52 sm24.avast.com
Must be fixed!
O1 - Hosts: 174.173.108.253 rs25.avast.com
Must be fixed!
O1 - Hosts: 111.199.132.183 sm25.avast.com
Must be fixed!
O1 - Hosts: 181.141.199.236 rs26.avast.com
Must be fixed!
O1 - Hosts: 108.110.4.67 sm26.avast.com
Must be fixed!
O1 - Hosts: 187.38.57.188 rs27.avast.com
Must be fixed!
O1 - Hosts: 110.153.170.218 sm27.avast.com
Must be fixed!
O1 - Hosts: 184.120.97.180 rs28.avast.com
Must be fixed!
O1 - Hosts: 104.221.204.97 sm28.avast.com
Must be fixed!
O1 - Hosts: 184.87.84.126 rs29.avast.com
Must be fixed!
O1 - Hosts: 113.158.156.12 sm29.avast.com
Must be fixed!
O1 - Hosts: 175.137.116.58 rs30.avast.com
Must be fixed!
O1 - Hosts: 106.89.171.42 sm30.avast.com
Must be fixed!
O1 - Hosts: 181.63.155.14 downloadhosting.core.ignum.cz
Must be fixed!
O1 - Hosts: 108.171.61.165 download25.avast.com
Must be fixed!
O1 - Hosts: 180.78.122.242 www.avast.com
Must be fixed!
O1 - Hosts: 105.94.46.61 avast.com
Must be fixed!
O1 - Hosts: 101.219.196.161 www.clamwin.com
Must be fixed!
O1 - Hosts: 177.93.131.172 clamwin.com
Must be fixed!
O1 - Hosts: 113.178.206.30 213.219.245.4
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 178.169.49.160 files.referats.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O1 - Hosts: 104.83.9.105 database.clamav.net
Unknown URLs should be fixed. Unknown entries within the HOSTS-file should be fixed.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Safe AcroIEhelper.ocx, AcroIEhelper.dll - Adobe Acrobat reader, http://www.adobe.com/products/acrobat/re adstep2.html
O2 - BHO: (no name) - {36DBC179-A19F-48F2-B16A-6A3E19B42A87} - (no file)
Must be fixed!
Unnecessary (deactivated) entry that can be fixed. Troj/Cimuz-AS
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Very safe SUN Java
O2 - BHO: (no name) - {81A35F39-4850-474E-92C9-B4CF283207E0} - (no file)
Must be fixed!
Unnecessary (deactivated) entry that can be fixed. mstask64.dll "PASSGRAB", a spam relayer, hijacker and email account password stealer
O2 - BHO: (no name) - {850C7964-9320-4055-BE11-7D7B562A6417} - (no file)
Must be fixed!
Unnecessary (deactivated) entry that can be fixed. Helper.dll - Variant of the Troj/Banker-DTE, http://www.sophos.com/security/analyses/ trojbankerdte.html trojan
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
Safe This entry was classified from our visitors as good.
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [dgfdgdfg] df23.exe
Unknown application.
O4 - HKLM\..\Run: [plscd Monitor] plscg.exe
Unknown application.
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Very safe Synaptics touchpad driver helper. Required for touchpad features to work
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Very safe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Neutral Not dangerous, but unnecessary. QuickTime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb1 1.exe
Neutral Hewlett-Packard Deskjet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
Safe Java von Sun
O4 - HKLM\..\Run: [Espon Mon37] sys23.exe
Unknown application.
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Very safe Control panel for the ATI series of video cards allowing access to such features as display resolution, colour depth, etc. Available via Start -> Settings -> Control Panel -> Display. Some users may need it if they have optimised their settings
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
Very safe System Tray icon for Norton Anti-Virus Corporate Edition. Gives access to the options available and may not be required. Some users may have problems - refer here
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
Safe Associated with "Nero Burning Rom" CD writing software. Checks for driver issues
O4 - HKLM\..\Run: [DRam presessar] idet.exe
Unknown application.
O4 - HKLM\..\Run: [MSRTspro2] msrtspr1.exe
Unknown application.
O4 - HKLM\..\Run: [Microsoft32] win32sys.exe
Unknown application.
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
Not dangerous, but unnecessary. InstallShield Update Service related; Automatically searches for and performs any updates to the software. Not required.
O4 - HKLM\..\Run: [SvcManager] winlogin7.exe
Unknown application.
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM\..\RunServices: [dgfdgdfg] df23.exe
Unknown application.
O4 - HKLM\..\RunServices: [plscd Monitor] plscg.exe
Unknown application.
O4 - HKLM\..\RunServices: [DRam presessar] idet.exe
Unknown application.
O4 - HKLM\..\RunServices: [Microsoft32] win32sys.exe
Unknown application.
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
Safe This entry was classified from our visitors as good.
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
Safe This entry was classified from our visitors as good.
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
Very safe Associated with GoogleToolbarNotifier from Google Inc.
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
Safe This entry was classified from our visitors as good.
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Very safe Not dangerous, but unnecessary. Speeds up the time it takes to load the Adobe Reader application. Your choice
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Safe Adobe Reader Synchronizer
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Very safe Not dangerous, but unnecessary. WinCinema Manager is needed when using the WinDVD Remote Control for WinDVD from Intervideo. Available via Start -> Programs
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
Nasty To be fixed immediately! This entry was classified from our visitors as bad.
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
Safe The entry has been identified as safe.
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
The entry Sun Java Console has been identified as safe.
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
Safe
Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good.
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
Very safe
Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good.
O11 - Options group: [INTERNATIONAL] International*
Neutral
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://support2.charter.com/sdccommon/download/tgctlcm.cab
This entry has been identified as safe.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061023/qtinstall.info.apple.com/qtactivex/ qtplugin.cab
This entry has been identified as safe.
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=http://www.vi ewpoint.com/cgi-bin/installer.v4/vet_install_premium.pl?1&6&04.00.09.13&premium& nocookie&http://www.toyota.com/vehicles/2007/fjcruiser/features.html?noreloadred ir
This entry has been identified as safe.
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
Very safe This entry has been identified as safe.
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_si te.cab?1146832552706
This entry has been identified as safe.
O16 - DPF: {87587503-20F0-4FF5-8DA3-0106C4C03FDC} (vmLaunch Class) - http://www.vibephone.com/vm/vmdata/download/1006-Charter/vmLauncher.cab
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
Very safe This entry was classified from our visitors as good.
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
Safe This entry was classified from our visitors as good.
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
Safe This entry was classified from our visitors as good.
O21 - SSODL: MSN Messenger - {280A7B65-8F00-438F-3E5A-1F039433FE60} - C:\WINDOWS\system32\dssdll32.dll

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Very safe This service (guard.exe) was identified as a good one.
O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:\WINDOWS\csrss.exe (file missing)
This entry is not running from the System32 folder, so it is probably nasty. This service (csrss.exe) seems to be nasty.
This process is not running from the System32 folder as it is supposed to be.
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
This service (defwatch.exe) was identified as a good one.
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Safe This service (GoogleUpdaterService.exe) was identified as a good one.
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
Safe This service (hpbpro.exe) was identified as a good one.
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
Safe Unknown service. (hpboid.exe)
O23 - Service: HP Configuration Interface Service (HPConfig) - Unknown owner - C:\WINDOWS\system32\HPConfig.exe (file missing)
This service (HPConfig.exe) was identified as a good one.
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
This service (HPWirelessMgr.exe) was identified as a good one.
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
This service (IDriverT.exe) was identified as a good one.
O23 - Service: Microsoft Validation Service - Unknown owner - C:\WINDOWS\mvsr32.exe (file missing)
Unknown service. (mvsr32.exe)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
Safe This service (NBService.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
Neutral This service (NMIndexingService.exe) was identified as a good one.
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
Very safe This service (rtvscan.exe) was identified as a good one.
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Safe This service (HPZipm12.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
Safe This service (WinVNC4.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: Zune Network Sharing Service (ZuneNetworkSvc) - Unknown owner - C:\Program Files\Zune\ZuneNss.exe (file missing)
This service (ZuneNss.exe) was identified as a good one.

nightwolf

05-08-2007, 11:07 PM

first i would do a full anti-virus scan and spyware scan then rescan the log at the site and clean out everything that is nasty.

Thirsty4Knowledge

05-08-2007, 11:22 PM

I just finished cleaning out everything that said it was nasty. I said in my original post that System Security is grayed out....well, let me clarify that....it is System Firewall that is grayed out. If anyone knows why this is happening and how to fix it, please let me know. Thanks.