Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help Comp Slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help Comp Slow

Unread postby gamerking#1 » December 31st, 2007, 1:55 pm

http://www.malwareremoval.com/forum/viewtopic.php?f=11&t=26104 : My Last Topic

I wanted to know if the program would work on my vista to make it better.

There was one thing I forgot when ever I search on google all the links lead me to an ip adress then searchdaily then a random website.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:28 PM, on 12/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\WINDOWS\system32\wscntfy.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\cmd.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4911586539
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe

--
End of file - 5521 bytes


Please help.
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm
Advertisement
Register to Remove

Re: Help Comp Slow

Unread postby Shaba » January 4th, 2008, 5:32 am

Hi gamerking#1

From the previous topics of yours I've seen you seem to leave them unfinished and then start a new one when it's archived.

That is considered as an unacceptable behaviour; if you continue that way you will not continue to receive help here.

Also, adding more RAM and things like that will make Vista running much smoother than any program will ever do.

If you are unsure that if some program will work in Vista and there is no info on their website, you can always contact program developers via contact form.

If you accepts with terms above, I can continue with cleaning of your system :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 6th, 2008, 1:11 pm

I remember only abbandoning only one topic and that was only because I was busy. But I will keep track of this one (and all the other topic's I will start in the future).
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 6th, 2008, 1:36 pm

Hi

Then we continue with this:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 7th, 2008, 11:05 pm

Deckard's System Scanner v20071014.68
Run by Vgamecoder on 2008-01-07 22:02:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; unknown error code 0x00000001


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 79% (more than 75%).
Total Physical Memory: 480 MiB (512 MiB recommended).


-- HijackThis (run as Vgamecoder.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:14 PM, on 1/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Trend Micro\PC-cillin 2000\pccntupd.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Vgamecoder\Local Settings\Temporary Internet Files\Content.IE5\1TQ5U0FA\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Vgamecoder.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4911586539
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe

--
End of file - 5590 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20071225-123919-528 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
backup-20071225-123953-354 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
backup-20071225-124020-262 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
backup-20071225-124228-850 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
backup-20071225-124554-178 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll
backup-20071225-124724-970 O2 - BHO: (no name) - {C93CCE97-BDC2-4E6F-908A-B0CFC6C9ADE7} - C:\WINDOWS\System32\ciadminm.dll

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 jdwouvcb - c:\windows\system32\drivers\ficdygvx.dat
R1 SiSkp - c:\windows\system32\drivers\srvkp.sys
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Tmntsrv (Trend NT Realtime Service) - "c:\program files\trend micro\pc-cillin 2000\tmntsrv.exe" <Not Verified; Trend Micro Inc.; Trend Pc-cillin 7.61>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-12-07 and 2008-01-07 -----------------------------

2008-01-06 13:26:54 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-06 13:26:16 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-01-06 13:02:55 0 d-------- C:\Program Files\Acclaim
2007-12-30 17:49:30 0 d-------- C:\Program Files\Battlezone II
2007-12-19 17:59:56 0 d-------- C:\Dev-C++
2007-12-17 18:35:49 0 d-------- C:\WINDOWS\pss
2007-12-15 13:35:50 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\SpamBlockerUtility_Icons
2007-12-15 13:32:41 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\SpamBlocker
2007-12-15 13:32:19 0 d-------- C:\Program Files\Hotbar
2007-12-09 18:45:09 0 d-------- C:\Dev-Cpp


-- Find3M Report ---------------------------------------------------------------

2008-01-07 16:14:56 0 --a------ C:\AUTOEXEC.BAT
2008-01-06 13:02:55 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-06 13:02:21 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-14 22:58:52 0 d-------- C:\Program Files\Trend Micro
2007-12-10 20:56:04 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\Dev-Cpp
2007-12-10 20:40:50 1039961 --a------ C:\WINDOWS\system32\alleg42.dll
2007-12-09 18:23:25 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\Macromedia
2007-12-04 20:04:20 0 d-------- C:\Program Files\Audacity
2007-12-04 19:54:51 0 d-------- C:\Program Files\AviSynth 2.5
2007-12-04 19:53:43 0 d-------- C:\Program Files\eRightSoft
2007-12-03 23:04:53 61678 --a------ C:\Documents and Settings\Vgamecoder\Application Data\PFP100JPR.{PB
2007-12-03 23:04:53 12358 --a------ C:\Documents and Settings\Vgamecoder\Application Data\PFP100JCM.{PB
2007-12-03 23:04:50 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\Corel
2007-12-03 20:06:13 0 d-------- C:\Program Files\Common Files
2007-12-03 20:06:13 0 d-------- C:\Program Files\Common Files\Borland Shared
2007-12-03 20:03:23 0 d-------- C:\Program Files\Corel
2007-11-29 16:06:47 0 d-------- C:\Program Files\Windows Live Toolbar
2007-11-28 09:41:06 0 d-------- C:\Program Files\Messenger
2007-11-27 13:37:22 0 d-------- C:\Program Files\LimeWire
2007-11-27 13:29:57 0 d-------- C:\Program Files\Google
2007-11-25 11:25:22 0 d-------- C:\Program Files\Movie Maker
2007-11-25 11:08:38 0 d-------- C:\Program Files\Windows NT
2007-11-24 16:09:51 0 d-------- C:\Program Files\Portable Media Center
2007-11-18 12:25:46 0 d-------- C:\Program Files\Install Creator
2007-11-17 22:30:06 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\LimeWire
2007-11-17 15:56:07 0 d-------- C:\Program Files\Java
2007-11-17 15:53:53 0 d-------- C:\Program Files\Common Files\Java
2007-11-16 18:27:33 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\Adobe
2007-11-12 22:17:08 0 d-------- C:\Program Files\Game_Maker6
2007-11-12 20:15:14 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\Google
2007-11-12 19:55:09 0 d-------- C:\Program Files\Lavasoft
2007-11-12 19:53:10 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-12 19:41:17 0 d-------- C:\Program Files\Sonic Solutions
2007-11-12 19:40:34 0 d-------- C:\Program Files\MyCDPro
2007-11-12 19:40:29 0 d-------- C:\Program Files\VERITAS Software
2007-11-12 19:40:09 0 d-------- C:\Program Files\Sony
2007-11-12 19:39:56 0 d-------- C:\Program Files\CyberLink
2007-11-12 19:39:43 0 d-------- C:\Program Files\Screenblast
2007-11-12 19:37:37 0 d-------- C:\Program Files\Real
2007-11-12 19:35:32 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-12 19:24:35 0 d-------- C:\Documents and Settings\Vgamecoder\Application Data\acccore
2007-11-12 19:23:40 0 d-------- C:\Program Files\AIM6
2007-11-12 19:22:24 0 d-------- C:\Program Files\Common Files\AOL
2007-11-12 18:53:44 0 d--h----- C:\Program Files\WindowsUpdate


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown



-- End of Deckard's System Scanner: finished at 2008-01-07 22:04:12 ------------







Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.00GHz
Percentage of Memory in Use: 73%
Physical Memory (total/avail): 479.53 MiB / 128.89 MiB
Pagefile Memory (total/avail): 1124.04 MiB / 843.2 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1925.54 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 14.94 GiB total, 3.43 GiB free.
D: is Fixed (NTFS) - 40.96 GiB total, 29.53 GiB free.
E: is Removable (No Media)
F: is CDROM (CDFS)
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST360020A - 55.9 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 14.94 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 40.96 GiB - D:

\\.\PHYSICALDRIVE1 - Memory Stick Slot



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Trend Micro\\PC-cillin 2000\\WebTrapNT.exe"="C:\\Program Files\\Trend Micro\\PC-cillin 2000\\WebTrapNT.exe:*:Disabled:WebTrap"
"C:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"="C:\\Program Files\\support.com\\client\\bin\\tgcmd.exe:*:Disabled:tgcmd Module"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\Vgamecoder\\Local Settings\\Temporary Internet Files\\Content.IE5\\L237ZZ5L\\LieroX_v0.56_Pack_1.9[1]\\LieroX v0.56 Pack 1.9\\LieroX.exe"="C:\\Documents and Settings\\Vgamecoder\\Local Settings\\Temporary Internet Files\\Content.IE5\\L237ZZ5L\\LieroX_v0.56_Pack_1.9[1]\\LieroX v0.56 Pack 1.9\\LieroX.exe:*:Enabled:LieroX"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Battlezone II\\bzone.exe"="C:\\Program Files\\Battlezone II\\bzone.exe:*:Enabled:bzone"
"C:\\Program Files\\Acclaim\\2Moons\\minilauncher.exe"="C:\\Program Files\\Acclaim\\2Moons\\minilauncher.exe:*:Enabled:2moons"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Vgamecoder\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PATRIK
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Vgamecoder
LOGONSERVER=\\PATRIK
MINGDIR=C:\Dev-Cpp
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=c:\Dev-Cpp\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\VGAMEC~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\VGAMEC~1\LOCALS~1\Temp
USERDOMAIN=PATRIK
USERNAME=Vgamecoder
USERPROFILE=C:\Documents and Settings\Vgamecoder
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Vgamecoder (admin)


-- Add/Remove Programs ---------------------------------------------------------



-- Application Event Log -------------------------------------------------------

Event Record #/Type511 / Error
Event Submitted/Written: 01/07/2008 04:14:57 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Event Record #/Type508 / Error
Event Submitted/Written: 01/06/2008 09:40:32 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.

Event Record #/Type506 / Error
Event Submitted/Written: 01/06/2008 08:35:57 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16574, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type505 / Error
Event Submitted/Written: 01/06/2008 08:35:56 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16574, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type503 / Error
Event Submitted/Written: 01/06/2008 02:13:21 PM
Event ID/Source: 1802 / SecurityCenter
Event Description:
The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2350 / Warning
Event Submitted/Written: 01/07/2008 09:58:11 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000C413829C0. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type2241 / Error
Event Submitted/Written: 01/06/2008 11:29:38 AM
Event ID/Source: 1001 / Dhcp
Event Description:
Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 000C413829C0. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type2236 / Error
Event Submitted/Written: 01/06/2008 11:29:17 AM
Event ID/Source: 1000 / Dhcp
Event Description:
Your computer has lost the lease to its IP address 10.0.0.6 on the
Network Card with network address 000C413829C0.

Event Record #/Type2235 / Warning
Event Submitted/Written: 01/06/2008 11:29:17 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000C413829C0. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type2232 / Warning
Event Submitted/Written: 01/04/2008 03:54:43 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000C413829C0. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.



-- End of Deckard's System Scanner: finished at 2008-01-07 22:04:12 ------------
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 8th, 2008, 9:18 am

Hi

You ran DSS from IE temp folder:

C:\Documents and Settings\Vgamecoder\Local Settings\Temporary Internet Files\Content.IE5\1TQ5U0FA\dss[1].exe

For next tool it is essential that you run it from desktop.

If you have problems, please ask before proceeding.

Delete all possible copies of combofix if present.

1. Download combofix from any of these links and save it to Desktop:
Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you (C:\ComboFix.txt). Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

Post:

- a fresh HijackThis log
- combofix report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 9th, 2008, 10:25 pm

You ran DSS from IE temp folder:

Whoops sorry I'll be more careful about that next time



ComboFix 08-01-10.2 - Vgamecoder 2008-01-09 20:53:57.1 - NTFSx86
Running from: C:\Documents and Settings\Vgamecoder\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Vgamecoder\Application Data\SpamBlocker
C:\Documents and Settings\Vgamecoder\Application Data\SpamBlockerUtility_Icons
C:\Documents and Settings\Vgamecoder\Application Data\SpamBlockerUtility_Icons\Software_Online_8.ico
C:\Documents and Settings\Vgamecoder\Application Data\SpamBlockerUtility_Icons\wallpapere1.ico
C:\Program Files\Hotbar
C:\WINDOWS\system32\ciadminm.dll
C:\WINDOWS\system32\drivers\ficdygvx.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_JDWOUVCB
-------\jdwouvcb


((((((((((((((((((((((((( Files Created from 2007-12-10 to 2008-01-10 )))))))))))))))))))))))))))))))
.

2008-01-09 20:52 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-07 17:19 . 2008-01-08 17:43 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-07 17:19 . 2008-01-07 17:19 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-06 13:26 . 2003-07-20 22:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-01-06 13:26 . 2005-01-04 13:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-01-06 13:26 . 2008-01-09 16:58 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-06 13:02 . 2008-01-06 13:02 <DIR> d-------- C:\Program Files\Acclaim
2007-12-30 17:53 . 2007-12-30 17:53 30 --a------ C:\test.ini
2007-12-30 17:49 . 2007-12-30 21:17 <DIR> d-------- C:\Program Files\Battlezone II
2007-12-19 17:59 . 2007-12-22 18:20 <DIR> d-------- C:\Dev-C++

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-09 23:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-01-06 18:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-06 18:02 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-15 03:58 --------- d-----w C:\Program Files\Trend Micro
2007-12-11 01:56 --------- d-----w C:\Documents and Settings\Vgamecoder\Application Data\Dev-Cpp
2007-12-05 01:04 --------- d-----w C:\Program Files\Audacity
2007-12-05 00:54 --------- d-----w C:\Program Files\AviSynth 2.5
2007-12-05 00:53 --------- d-----w C:\Program Files\eRightSoft
2007-12-04 04:04 --------- d-----w C:\Documents and Settings\Vgamecoder\Application Data\Corel
2007-12-04 01:06 --------- d-----w C:\Program Files\Common Files\Borland Shared
2007-12-04 01:03 --------- d-----w C:\Program Files\Corel
2007-11-29 21:06 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-11-27 18:37 --------- d-----w C:\Program Files\LimeWire
2007-11-27 18:29 --------- d-----w C:\Program Files\Google
2007-11-25 19:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-11-24 21:09 --------- d-----w C:\Program Files\Portable Media Center
2007-11-23 13:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-11-18 17:25 --------- d-----w C:\Program Files\Install Creator
2007-11-18 03:30 --------- d-----w C:\Documents and Settings\Vgamecoder\Application Data\LimeWire
2007-11-17 20:56 --------- d-----w C:\Program Files\Java
2007-11-17 20:53 --------- d-----w C:\Program Files\Common Files\Java
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-13 03:17 --------- d-----w C:\Program Files\Game_Maker6
2007-11-13 00:55 --------- d-----w C:\Program Files\Lavasoft
2007-11-13 00:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-13 00:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-13 00:41 --------- d-----w C:\Program Files\Sonic Solutions
2007-11-13 00:40 --------- d-----w C:\Program Files\VERITAS Software
2007-11-13 00:40 --------- d-----w C:\Program Files\Sony
2007-11-13 00:40 --------- d-----w C:\Program Files\MyCDPro
2007-11-13 00:39 --------- d-----w C:\Program Files\Screenblast
2007-11-13 00:39 --------- d-----w C:\Program Files\CyberLink
2007-11-13 00:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2007-11-13 00:37 --------- d-----w C:\Program Files\Real
2007-11-13 00:35 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-13 00:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2007-11-13 00:24 --------- d-----w C:\Documents and Settings\Vgamecoder\Application Data\acccore
2007-11-13 00:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL OCP
2007-11-13 00:23 --------- d-----w C:\Program Files\AIM6
2007-11-13 00:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-11-13 00:22 --------- d-----w C:\Program Files\Common Files\AOL
2006-05-03 09:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"Aim6"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-12 20:12 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LTSMMSG"="LTSMMSG.exe" [2002-03-29 18:07 32768 C:\WINDOWS\LTSMMSG.exe]
"SiS Tray"="" []
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [ ]
"Pop3trap.exe"="C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe" [2001-12-18 22:09 294982]
"WebTrapNT.exe"="C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe" [2001-12-18 21:58 235520]
"ZTgServerSwitch"="c:\program files\support.com\client\lserver\server.vbs" [2002-04-26 03:42 11406]
"NvCplDaemon"="NvQTwk" []
"CleanupProgram"="C:\Sonysys\cleanup.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"QuickFinder Scheduler"="C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE" [2001-10-02 01:36 77887]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 00:31 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 00:31 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 00:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 00:32 455168]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-11-12 19:35:10]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-11-12 20:12:03]
Real-time Monitor.lnk - C:\WINDOWS\Installer\{A839294B-70A9-11D5-9F5A-0050DAD742CD}\_106B5A0.exe [2002-04-25 16:46:30]
VAIO Action Setup (Server).lnk - C:\Program Files\Sony\VAIO Action Setup\VAServ.exe [2002-04-25 16:44:51]

R3 LucentSoftModem;Lucent Technologies Soft Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2002-03-29 18:34]
R3 PRISM_USB;Linksys Wireless-B USB Network Adapter Driver;C:\WINDOWS\system32\DRIVERS\LSPMUSB.sys [2003-08-05 02:07]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2002-03-28 15:08]
S3 SMBE;Sony MPEG2 Encoder Board (WDM);C:\WINDOWS\system32\Drivers\SMBE.SYS [2002-04-16 18:32]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-09 21:02:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-09 21:08:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-10 02:07:54
.
2008-01-09 21:11:57 --- E O F ---
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 10th, 2008, 5:50 am

Hi

That seems to have worked :)

Please post a fresh HijackThis log next.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 10th, 2008, 7:07 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:05:57 PM, on 1/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\WINDOWS\System32\svchost.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4911586539
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe

--
End of file - 5426 bytes
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 11th, 2008, 6:10 am

Hi

Is Trend Micro PC-cillin 2000 up-to-date?

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Note: This scanner will work with Internet Explorer Only!

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log
- kaspersky report
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 15th, 2008, 9:23 pm

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, January 15, 2008 8:18:43 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 15/01/2008
Kaspersky Anti-Virus database records: 512504
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 65181
Number of viruses found: 17
Number of infected objects: 33
Number of suspicious objects: 0
Duration of the scan process: 02:27:36

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Lavasoft\MiniMessage\1 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Vgamecoder\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\History\History.IE5\MSHist012008011520080116\index.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\nsq76.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\~DF273E.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\~DF6305.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\~DFB073.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\~DFF1A5.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temp\~DFF1BB.tmp Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temporary Internet Files\Content.IE5\1PMFV081\mp3player_forprofile[1].swf Object is locked skipped
C:\Documents and Settings\Vgamecoder\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Vgamecoder\My Documents\LDW\Plant Tycoon\ldwLog.txt Object is locked skipped
C:\Documents and Settings\Vgamecoder\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Vgamecoder\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll Infected: not-a-virus:AdWare.Win32.Shopper.q skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-123919-528.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-123953-354.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-124020-262.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-124228-850.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-124554-178.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Trend Micro\HijackThis\backups\backup-20071225-124724-970.dll Infected: Trojan.Win32.BHO.abo skipped
C:\Program Files\Veoh Networks\Veoh\client.log Object is locked skipped
C:\Program Files\Veoh Networks\Veoh\upload.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\ficdygvx.dat.vir Object is locked skipped
C:\QooBox\Quarantine\catchme2008-01-09_210207.39.zip/ficdygvx.dat Infected: Rootkit.Win32.Agent.tw skipped
C:\QooBox\Quarantine\catchme2008-01-09_210207.39.zip/ficdygvx.dat.1 Infected: Rootkit.Win32.Agent.tw skipped
C:\QooBox\Quarantine\catchme2008-01-09_210207.39.zip/ciadminm.dll Infected: Trojan.Win32.BHO.abo skipped
C:\QooBox\Quarantine\catchme2008-01-09_210207.39.zip ZIP: infected - 3 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP10\A0008589.dll Infected: Trojan-Downloader.Win32.Delf.dbo skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012988.exe Infected: not-a-virus:AdWare.Win32.HotBar.bt skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012989.dll Infected: not-a-virus:AdWare.Win32.HotBar.be skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012990.dll Infected: not-a-virus:AdWare.Win32.HotBar.be skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012991.exe Infected: not-a-virus:AdWare.Win32.HotBar.bt skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012992.dll Infected: not-a-virus:AdWare.Win32.HotBar.bz skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012993.exe Infected: not-a-virus:AdWare.Win32.HotBar.by skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012994.exe Infected: not-a-virus:AdWare.Win32.HotBar.bw skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012995.dll Infected: not-a-virus:AdWare.Win32.HotBar.bx skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012996.dll Infected: not-a-virus:AdWare.Win32.HotBar.bj skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP17\A0012997.dll Infected: not-a-virus:AdWare.Win32.HotBar.be skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP18\A0013023.dll Infected: not-a-virus:AdWare.Win32.HotBar.ar skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP2\A0000047.dll Infected: Trojan.Win32.BHO.yr skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP35\A0014534.dll Infected: not-a-virus:AdWare.Win32.HotBar.ch skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP35\A0014540.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP35\A0014540.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP35\A0014540.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP36\A0014561.dll Infected: not-a-virus:AdWare.Win32.180Solutions.bl skipped
C:\System Volume Information\_restore{9064A718-8822-4594-9843-DDC9AD7DED22}\RP38\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{A0A26C2A-E8EF-42E3-BC3C-38D63C42C7C2}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\ciadminm.1 Infected: Trojan.Win32.BHO.yr skipped
C:\WINDOWS\system32\ciadminm.2 Infected: Trojan-Downloader.Win32.Delf.dbo skipped
C:\WINDOWS\system32\ciadminm.3 Infected: Trojan.Win32.BHO.abm skipped
C:\WINDOWS\system32\ciadminm.4 Infected: Trojan.Win32.BHO.abo skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_5c0.dat Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\4444a31c7615d5cebb46b\1394bus.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\61883.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\6to4svc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ac97ali.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\ac97via.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\acgenral.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\aclayers.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\aclua.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\acpi.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\acspecfc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\activ.htm Object is locked skipped
D:\4444a31c7615d5cebb46b\activsvc.htm Object is locked skipped
D:\4444a31c7615d5cebb46b\actlan.htm Object is locked skipped
D:\4444a31c7615d5cebb46b\actshell.htm Object is locked skipped
D:\4444a31c7615d5cebb46b\acverfyr.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\acxtrnal.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\adeskerr.htm Object is locked skipped
D:\4444a31c7615d5cebb46b\admin.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\admin.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\admjoy.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\adsldp.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\adsldpc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\adsmsext.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\adsnt.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\advapi32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\advpack.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\aec.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\afd.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\ahui.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\alg.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\amdk6.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\amdk7.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\an983.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\apphelp.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\apphelp.sdb Object is locked skipped
D:\4444a31c7615d5cebb46b\apps.chm Object is locked skipped
D:\4444a31c7615d5cebb46b\appwiz.cpl Object is locked skipped
D:\4444a31c7615d5cebb46b\arial.ttf Object is locked skipped
D:\4444a31c7615d5cebb46b\arp1394.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\asctrls.ocx Object is locked skipped
D:\4444a31c7615d5cebb46b\asferror.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\asfsipc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\at.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\atapi.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\ati2dvaa.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ati2dvag.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ati2mtaa.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\ati2mtag.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\ati3d1ag.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ati3d2ag.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\atinbtxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinmdxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinpdxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinraxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinrvxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinsnxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinttxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atintuxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinxbxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atinxsxx.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\atiradn1.inf Object is locked skipped
D:\4444a31c7615d5cebb46b\ativdaxx.ax Object is locked skipped
D:\4444a31c7615d5cebb46b\ativmvxx.ax Object is locked skipped
D:\4444a31c7615d5cebb46b\atl.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\atmlane.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\audiosrv.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\author.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\author.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\autochk.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\autolfn.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\auupdate.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\avc.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\avifil32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\basesrv.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\batt.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\bridge.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\browselc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\browser.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\browseui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\browsewm.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cabinet.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\callcont.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\catsrvut.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ccdecode.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\cdfs.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\cdm.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cdrom.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\certcli.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cewmdm.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cfgbkend.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cfgwiz.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\cimwin32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ciodm.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\classpnp.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\clipbrd.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\clusapi.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cmbatt.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\cmdial32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cmdl32.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\comadmin.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\comctl32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\comdlg32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\compatui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\comsvcs.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\conf.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\conime.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\copymar.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\courtney.acs Object is locked skipped
D:\4444a31c7615d5cebb46b\credui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\crusoe.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\crypt32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cryptdlg.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cryptsvc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cryptui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\cscui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\csrsrv.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ctfmon.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\custdial.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\d3d8.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\danim.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbghelp.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbmsadsn.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbmsrpcn.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbmsvinn.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbnetlib.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dbnmpntw.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dcache.bin Object is locked skipped
D:\4444a31c7615d5cebb46b\dcap32.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ddraw.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\defrag.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\desk.cpl Object is locked skipped
D:\4444a31c7615d5cebb46b\devmgr.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dfrgfat.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dfrgntfs.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dfrgsnap.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dfrgui.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dfsshlex.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dgnet.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dhcpcsvc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dhtmled.ocx Object is locked skipped
D:\4444a31c7615d5cebb46b\digest.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dinput.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dinput8.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\disk.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\diskdump.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\dlimport.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dmband.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmcompos.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmime.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmloader.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmscript.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmstyle.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dmusic.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dnsapi.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\docprop2.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\download\explorer.exe._p0 Object is locked skipped
D:\4444a31c7615d5cebb46b\dpnet.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dpnhpast.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dpnhupnp.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dpvoice.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dpvsetup.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dpwsockx.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\drmclien.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\drmk.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\drmkaud.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\drmstor.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\drmv2clt.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\drvmain.sdb Object is locked skipped
D:\4444a31c7615d5cebb46b\ds32gt.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dshowext.ax Object is locked skipped
D:\4444a31c7615d5cebb46b\dsprop.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dsquery.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dssenh.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dumprep.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\duser.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dw.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dwwin.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dxdiag.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\dxg.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\dxmasf.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dxmrtp.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dxtmsft.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\dxtrans.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\earl.acs Object is locked skipped
D:\4444a31c7615d5cebb46b\els.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ersvc.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\es.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\esscli.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\essm2e.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\eudcedit.exe Object is locked skipped
D:\4444a31c7615d5cebb46b\eventlog.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\evntrprv.dll Object is locked skipped
D:\4444a31c7615d5cebb46b\ic\battery.inf Object is locked skipped
D:\4444a31c7615d5cebb46b\ic\cdrom.inf Object is locked skipped
D:\4444a31c7615d5cebb46b\ic\iis.inf Object is locked skipped
D:\4444a31c7615d5cebb46b\lang\pintlgl.imd Object is locked skipped
D:\4444a31c7615d5cebb46b\licwmi.mfl Object is locked skipped
D:\4444a31c7615d5cebb46b\lvback.gif Object is locked skipped
D:\4444a31c7615d5cebb46b\msdtctr.mof Object is locked skipped
D:\4444a31c7615d5cebb46b\newalert.wav Object is locked skipped
D:\4444a31c7615d5cebb46b\newemail.wav Object is locked skipped
D:\4444a31c7615d5cebb46b\online.wav Object is locked skipped
D:\4444a31c7615d5cebb46b\secdrv.sys Object is locked skipped
D:\4444a31c7615d5cebb46b\type.wav Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\acpi.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\au.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\bda.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\cpu.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\disk.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\dpcdll.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\dpup.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\drvindex.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\hiddigi.inf._p0 Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\hidserv.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\ie.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\ieaccess.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\ims.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\input.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\intl.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\keyboard.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\kscaptur.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\layout.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\miscp.chm._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\mshdc.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\msoe50.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\netip6.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\netoc.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\netrass.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\nt5inf.cat._p0 Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\ntprint.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\pchealth.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\pidgen.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\pnpscsi.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\scsi.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\swflash.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\sysoc.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\syssetup.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\tape.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\tsoc.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\usbport.inf._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\ic\whatnewp.chm._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\chajei.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\chtmbx.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\chtskdic.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\chtskf.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\cintime.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\cintlgnt.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\cintsetp.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\cplexe.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\dayi.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imekr61.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imekrcic.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjp81.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjp81k.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpcd.dic._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpcic.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpcus.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpdct.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpdct.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpdsvr.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpinst.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpinst.ini._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjpmig.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjprw.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjputy.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imjputyc.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imlang.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\imscinst.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\miniime.tpl._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\padrs404.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\padrs804.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\phon.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlcsa.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlcsd.dic._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlcsd.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlcsk.dic._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgc.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgd.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgdx.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgi.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgix.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgne.chm._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgnt.chm._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgnt.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgr.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlgs.imd._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pintlphr.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\pmigrate.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\quick.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\romanime.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\tintlgnt.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\tintlphr.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\tintsetp.exe._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\tmigrate.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\unicdime.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\uniime.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\voicepad.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\voicesub.dll._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\winar30.ime._p Object is locked skipped
D:\585fbf9ed53b40f16a857554ab157141\download\lang\winime.ime._p Object is locked skipped
D:\c14b83931382d45f0b66\sp2\spmsg.dll Object is locked skipped
D:\c14b83931382d45f0b66\sp2\spuninst.exe Object is locked skipped
D:\c14b83931382d45f0b66\sp2\update\eula.txt Object is locked skipped
D:\c14b83931382d45f0b66\sp2\update\spcustom.dll Object is locked skipped
D:\c14b83931382d45f0b66\sp2\update\update.exe Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.














Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:22:50 PM, on 1/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe
C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Trend Micro\PC-cillin 2000\PNTIOMON.exe
C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
C:\Program Files\Trend Micro\PC-cillin 2000\pccntupd.exe
C:\WINDOWS\system32\wscntfy.exe
c:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Zango\bin\10.1.181.0\Srv.exe
C:\Program Files\BitLord\BitLord.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Macromedia\Flash 8\Flash.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\adobe\acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\Pop3trap.exe"
O4 - HKLM\..\Run: [WebTrapNT.exe] "C:\Program Files\Trend Micro\PC-cillin 2000\WebTrapNT.exe"
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Real-time Monitor.lnk = ?
O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4911586539
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2000\Tmntsrv.exe

--
End of file - 6882 bytes
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 16th, 2008, 5:50 am

Hi

How about this?

"Is Trend Micro PC-cillin 2000 up-to-date?"

You seem to have more baddies there:

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

Image

5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby gamerking#1 » January 19th, 2008, 5:23 pm

Ad-Aware 2007
Adobe Acrobat 5.0
Adobe Flash Player 9 ActiveX
Adobe Photoshop Elements
Adobe Shockwave Player
AIM 6
Apple Software Update
Audacity 1.2.6
BitLord 1.1
Dev-C++ 4
Dev-C++ 5 beta 9 release (4.9.9.2)
DigitalPrint 1.1
DivX Content Uploader
DivX Web Player
DVDit! LE
DVgate
Experience VAIO
Game Maker 6.1A
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
ImageStation
ImageStation Demo
Install Creator
Java(TM) 6 Update 2
Kaspersky Online Scanner
LimeWire 4.14.10
Lucent Technologies Soft Modem AMR
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
MinGW 5.1.3
Motion JPEG Software Decoder
MovieShaker 3.3
Music Visualizer Library
NVIDIA Windows 2000/XP Display Drivers
OpenMG Secure Module 3.0.03
PC-cillin 2000
PicoPlayer
PicoPlayer Demo
PicoPlayerSplashScreen
Portable Media Center
PowerDVD
Quicken 2002 New User Edition
QuickTime
RealPlayer Basic
RealProducer Basic 8.5
Screenblast ACID 2.0a
Screenblast Sound Forge 1.0b
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
ShopperReports
Simple DVD Maker 1.2 (with Dolby Digital)
SiS Audio Driver
SiS Compatible VGA V2.07f.01
Smart Capture
SonicStage 1.2.00
SonicStage CD-R Writing Module
Sony Certificate PCH
Sony DV Shared Library
Sony on Yahoo! Essentials
SUPER © Version 2007.bld.23 (July 4, 2007)
Support Actions Win2K,WinXP
Universal Extractor 1.5
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VAIO Action Setup
VAIO Brezza Wallpaper
VAIO Clock Screen Saver
VAIO Grid Wallpaper
VAIO Help & Support
VAIO Registration
VAIO Serenus Wallpaper
VAIO Support
VAIO System Information
VeohTV BETA
VERITAS RecordNow DX
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WordPerfect Office 2002 OEM






Is Trend Micro PC-cillin 2000 up-to-date?

Oh Sorry I Must Have Skipped It Some How... I Am Not Sure At All. I Dont Ever Remember Updating It If That Is What Your Asking.
gamerking#1
Regular Member
 
Posts: 96
Joined: April 16th, 2007, 4:14 pm

Re: Help Comp Slow

Unread postby Shaba » January 20th, 2008, 5:49 am

Hi

When have you installed Trend Micro PC-cillin 2000?

Uninstall via add/remove programs:

ShopperReports

Delete if present:

C:\Program Files\ShoppingReport

Empty Recycle Bin.

Post back a fresh HijackThis log.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Help Comp Slow

Unread postby Shaba » January 25th, 2008, 6:17 am

gamerking#1?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 332 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware