Full Version: PC Health Check
Gladiator Security Forum > Malware Help Forum > HELP! Think you are Infected?
~CJ
Morning, afternoon and evening to all. I will be going on holiday soon, wherein my notepad will not have access to the internet for a while. Hence the health checkup now, while I can fix anything that requires fixing.

If anything, startup lags a little. Also upon waking up, the screen seems to do a double take, blinking momentarily, after which everything continues on its merry way. Following is a copy of my System Information and a HJT log.

A few misc. questions.
  • in msconfig > services, there is ##id_stringXXXXX Apple Computer Inc. What's this?
  • I don't use Acronis Disk Imager/Image Home; originally I made a few backups but don't plan on using them until required. Can I disable anything Acronis in msconfig startup?
    1. Acronis Scheduler2 Service
  • Similarly I have VMWare installed but no longer use it. Can I disable anything VMWare in msconfig startup?
    1. VMWare Agent Service: stopped
    2. VMWare Authorisation Service: Running
    3. VMWare DHCP Service: Running
    4. VMWare Virtual Mount Manager: Running
    5. VMWare NAT Service: running
  • I have Nero Ultra installed. Similar to Acronis and VMWare, can I safely disable things in msconfig services/startup... will they load when I load Nero?
    1. Nero AG NeroCheck
    2. Nero Home
    3. NBService: Stopped
    4. NMIndexingService: Running
  • InstallShield has been installed on my lappy, and so has InstallShield Updater. They weren't before and I don't know when it was installed.
  • Possibly IS was installed when I installed Dragon NaturallySpeaking 9.51

  • OS Name Microsoft® Windows Vista™ Home Premium
    Version 6.0.6000 Build 6000
    Other OS Description Not Available
    OS Manufacturer Microsoft Corporation
    System Name CJW-LAPTOP
    System Manufacturer Dell Inc.
    System Model Inspiron 1420
    System Type X86-based PC
    Processor Intel® Core™2 Duo CPU T5450 @ 1.66GHz, 1667 Mhz, 2 Core(s), 2 Logical Processor(s)
    BIOS Version/Date Dell Inc. A00, 23/05/2007
    SMBIOS Version 2.4
    Windows Directory C:\Windows
    System Directory C:\Windows\system32
    Boot Device \Device\HarddiskVolume1
    Locale Australia
    Hardware Abstraction Layer Version = "6.0.6000.20500"
    User Name CjW-Laptop\CJ. Wentworth
    Time Zone E. Australia Standard Time
    Total Physical Memory 2,045.57 MB
    Available Physical Memory 1.28 GB
    Total Virtual Memory 4.21 GB
    Available Virtual Memory 3.19 GB
    Page File Space 2.29 GB
    Page File C:\pagefile.sys

    **************************************************************

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:15:08 PM, on 7/08/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Custom Programs\Protection\AVG 7.5\avgcc.exe
    C:\Windows\OEM02Mon.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Windows\sttray.exe
    C:\Custom Programs\Protection\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Windows\System32\rundll32.exe
    C:\Custom Programs\Internet\Browsers\Firefox\firefox.exe
    C:\Windows\system32\WerCon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Windows\System32\msinfo32.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Custom Programs\Protection\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\CUSTOM~1\PROTEC~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [AVG7_CC] "C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe"
    O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] "rundll32.exe" C:\Windows\system32\nvHotkey.dll,Start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [DNS7reminder] "C:\Custom Programs\File Management\Nuance\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking9\Ereg.ini
    O4 - HKLM\..\Run: [SpySweeper] "C:\Custom Programs\Protection\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: QuickSet.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Custom Programs\Protection\AdAware 2007\aawservice.exe
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\CUSTOM~1\PROTEC~1\AVG7~1.5\avgrssvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NBService - Nero AG - C:\Custom Programs\File Management\Nero 7 Ultra\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Custom Programs\File Management\VMWare\vmware-ufad.exe
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Custom Programs\File Management\VMWare\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
    O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Custom Programs\Protection\Spy Sweeper\SpySweeper.exe

    --
    End of file - 9277 bytes

    Thank you for your time.
    Bobbi Flekman
    Hi ~CJ,

    Maybe a stupid question, but if you don't use it.... Why not uninstall it? I know that VMWare is huge, so that would save quite some space.

    As far as I can see, your log is clean. There is one "weird" file in it that I would like more information on though.

    Go to Online malware scan and submit C:\Windows\OEM02Mon.exe.

    Tell me the result.


    QUOTE
    in msconfig > services, there is ##id_stringXXXXX Apple Computer Inc. What's this?...
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    This is Apple's Bonjour Service. It is a networking service. Unfortunately I am not completely knowledgeable about what it does. It is legit.
    QUOTE
    I don't use Acronis Disk Imager/Image Home, originally I made a few backups but don't plan on using them until required. Can I disable anything Acronis in msconfig startup
    Uninstall?
    QUOTE
    Similarly I have VMWare installed but no longer use it. Can I disable anything VMWare in msconfig startup
    Uninstall?
    QUOTE
    I have Nero Ultra installed. Similar to Acronis and VMWare, can I safely disable things in msconfig services/startup... will they load when I load Nero?
    Depends. You can disable them and see if Nero starts up, and if it works okay. If not, re-enable the services you turned off.
    QUOTE
    InstallShield has been installed on my lappy, and so has InstallShield Updater. They weren't before and I don't know when it was installed.
    InstallShield is one of the most used installer programs out there. So you'll get this on your computer sooner or later.

    Hope this helps.
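The reply above does the triage by eye: read each HijackThis line, work out which file it actually points at, and single out the one that does not look like ordinary vendor software (a bare executable sitting in C:\Windows) for a second opinion from an online scanner. The script below is an added example, not part of the original thread and not a HijackThis feature, that applies the same reasoning mechanically to the O2, O4, O20 and O23 lines. The sample log is constructed from lines copied from the log posted above; the flagging rules (orphaned "(no file)" entries, bare file names resolved via the search path, executables directly in the Windows directory, Winlogon Notify DLLs, and rundll32 lines unwrapped to the DLL they load) are the author's own heuristics for "worth a closer look", not a verdict of malicious or clean.

```python
import re
from typing import Dict, List, Optional

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
"""

# O4 lines: "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RE = re.compile(r'^O4 - (?P<hive>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')

# Sections whose last " - " separated field is the file the entry points at.
PREFIXES = (
    ('O2 - BHO: ', 'O2'),
    ('O20 - Winlogon Notify: ', 'O20'),
    ('O23 - Service: ', 'O23'),
)


def image_path(cmd: str) -> str:
    """Extract the file an O4 command line really runs (quoted or first token).
    rundll32 is only a host process, so for it return the DLL given as the
    first argument (the part before the comma) instead of rundll32 itself."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end < 0:  # unterminated quote: treat the rest as the path
            end = len(cmd)
        image, rest = cmd[1:end], cmd[end + 1:]
    else:
        image, _, rest = cmd.partition(' ')
    if image.lower().endswith('rundll32.exe'):
        module = rest.strip().split(',', 1)[0]
        return module.strip('"')
    return image


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Return {'section', 'name', 'path'} for a supported HJT line, else None."""
    line = line.strip()
    m = O4_RE.match(line)
    if m:
        return {'section': 'O4', 'name': m.group('name'),
                'path': image_path(m.group('cmd'))}
    for prefix, section in PREFIXES:
        if line.startswith(prefix):
            parts = line[len(prefix):].rsplit(' - ', 1)
            if len(parts) < 2:
                return None
            return {'section': section, 'name': parts[0].split(' - ')[0],
                    'path': parts[1].strip()}
    return None


def assess(section: str, path: str) -> Optional[str]:
    """Heuristic 'worth a closer look' reasons; None means nothing stands out."""
    low = path.lower()
    if low == '(no file)':
        return 'orphaned entry: the registry points at a file that no longer exists'
    if '\\' not in path:
        return 'bare file name, resolved via the search path rather than a fixed location'
    parent = low.rsplit('\\', 1)[0]
    if parent == 'c:\\windows':
        return 'executable directly in the Windows directory rather than a vendor folder; hash it and submit to an online scanner'
    if section == 'O20':
        return 'Winlogon Notify DLL loads into winlogon.exe; confirm the vendor'
    return None


def triage(log_text: str) -> List[Dict[str, str]]:
    """Parse every supported line and keep those with a flag reason."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reason = assess(entry['section'], entry['path'])
        if reason:
            findings.append({**entry, 'reason': reason})
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f"{f['section']:<4}{f['name']:<22}{f['path']}\n      -> {f['reason']}")
```

On the sample it flags exactly the entries a human reviewer would pause on: the BHO with no file behind it, C:\Windows\OEM02Mon.exe (the file the reply above asks to have scanned), sttray.exe with no directory, and the AVG Winlogon Notify DLL; the Java, NVIDIA, Bonjour and VMware entries pass because they live where their vendors normally put them.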
    ~CJ
    I was also a little suspicious about C:\Windows\OEM02Mon.exe, but the scan came back clean. I probably should just uninstall those Programs, would make more sense than trying to continually block anything they do. After uninstall is it safe to use CCleaner or EUsing Free Registry Cleaner (or other such Registry Cleaning products?)

    And thanks for the reply, it has helped heaps.
    Bobbi Flekman
    Hi ~CJ,

    Personally I don't use Registry Cleaners. Most of them are a little over enthusiastic and decide to do just a little too much and thereby incapacitate programs. What programs? And how? I don't know... Could be quite a while before you notice it as well.

    The only Registry utility that I use is Registry Compressor as it defragments the Registry.

    As for "normal cleaners" I use ATF Cleaner, or the present cleanmgr. CCleaner can be good as well, but because there is much controversy about their cleaning of the Registry I wouldn't use that side of the program.

    Good luck
    ~CJ
    Thanks for your time Bobbi. My internet connection runs out tonight, so thank you very much for your time :)