| pat2franklin |
| (new user) |
| Fri Jun 26 2009 07:48 PM |
sloooooooooooow computer, need some help
|
computer takes forever when I'm opening programs and running firefox, I know it was never this slow, here is the hijack report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:47:14 PM, on 6/26/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Lexmark Z2300 Series\lxdpMsdMon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdpmon.exe] "C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe"
O4 - HKLM\..\Run: [lxdpamon] "C:\Program Files\Lexmark Z2300 Series\lxdpamon.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Odds Maker - {b3cab7b9-eb43-46a2-8e15-02cc298dec71} - C:\Users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Odds Maker\Odds Maker.lnk (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxdp_device - - C:\Windows\system32\lxdpcoms.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8058 bytes
| bricat |
| (HijackThis Helper) |
| Fri Jun 26 2009 10:22 PM |
|
Re: sloooooooooooow computer, need some help
|
Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2
**Note: It is important that it is saved directly to your desktop**
--------------------------------------------------------------------
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
If you don't know how to disable some of your security programs have a look :- HERE
--------------------------------------------------------------------
Double click on ComboFix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the C:\ComboFix.txt along with a new HijackThis log for further review.
Please keep me informed about any changes to your problems during the different steps of the fix
FOR OTHER USERS, DO NOT RUN COMBOFIX UNLESS YOU ARE ASKED TO DO SO BY A HJT HELPER
| pat2franklin |
| (new user) |
| Sat Jun 27 2009 08:26 PM |
|
Re: sloooooooooooow computer, need some help
|
here is the combofix report:
ComboFix 09-06-26.02 - RAC 06/27/2009 13:55.4 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.446.63 [GMT -4:00]
Running from: c:\users\RAC\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.
2009-06-19 21:50 . 2009-06-19 21:50 314200 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe
2009-06-19 21:50 . 2009-06-19 21:50 25440 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\savapibridge.dll
2009-06-19 21:50 . 2009-06-19 21:50 169312 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-06-19 21:50 . 2009-06-19 21:50 348496 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-06-19 21:50 . 2009-06-19 21:50 296800 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-06-19 21:50 . 2009-06-19 21:50 1630048 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll
2009-06-19 21:50 . 2009-06-19 21:50 72704 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-06-19 21:50 . 2009-06-19 21:50 640360 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-06-19 21:49 . 2009-06-19 21:49 561016 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-06-19 21:49 . 2009-06-19 21:49 565096 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-06-19 21:49 . 2009-06-19 21:49 2349384 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-06-19 21:49 . 2009-06-19 21:49 627536 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-06-19 21:49 . 2009-06-19 21:49 518488 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-06-19 21:49 . 2009-06-19 21:49 1003344 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe
2009-06-11 00:10 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 00:03 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-10 23:00 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-01 21:51 . 2009-06-01 21:51 15688 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-06-01 21:51 . 2009-06-01 21:51 83808 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-06-01 21:50 . 2009-06-01 21:50 212848 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-06-01 21:50 . 2009-06-01 21:50 40288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 16:53 . 2009-02-26 14:38 -------- d-----w- c:\program files\Disk Doctors NTFS Data Recovery
2009-06-27 16:53 . 2008-04-17 01:38 -------- d-----w- c:\program files\Pat'sJunk
2009-06-27 01:25 . 2008-06-20 13:10 -------- d-----w- c:\programdata\Google Updater
2009-06-17 07:04 . 2007-02-21 21:49 -------- d-----w- c:\program files\Microsoft Works
2009-06-15 01:54 . 2009-06-15 01:53 558716 ----a-w- c:\programdata\SPL5B9D.tmp
2009-05-13 07:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-08 21:49 . 2009-05-09 05:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-08 21:48 . 2009-05-08 21:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-05-08 21:48 . 2009-05-08 21:48 64160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-05-08 21:42 . 2009-05-08 21:42 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-08 21:42 . 2009-05-08 21:42 -------- d-----w- c:\program files\Lavasoft
2009-05-01 19:12 . 2009-05-01 19:12 -------- d-----w- c:\program files\Coupons
2009-04-24 16:05 . 2009-06-12 15:10 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-12 15:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-12 15:10 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2008-08-12 13:38 . 2008-08-12 13:38 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-02-22 05:15 . 2007-02-22 05:15 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-31 50480]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-17 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-12 29744]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-08 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-08 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-08 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-16 148888]
"lxdpmon.exe"="c:\program files\Lexmark Z2300 Series\lxdpmon.exe" [2008-03-27 656040]
"lxdpamon"="c:\program files\Lexmark Z2300 Series\lxdpamon.exe" [2008-03-27 16040]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-19 518488]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2006-11-22 303104]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-12-23 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-2-21 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{36B4638E-C58B-49E6-9774-AA7825BCCB80}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{758C24D8-9304-4AC6-A3A7-DA30318B2366}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{1FADB1BA-69A0-48A7-A83A-3E47BF29D01C}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{F4069930-ADE2-44F7-B58D-3AE8D7C5F27D}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F1A2B575-954B-44B3-8AE7-756A3D988F44}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{F2E0FED2-4454-4482-97A2-5C647B764157}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{77CED7B5-A992-49C1-848B-3B284ADED83F}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{45826722-C081-41AF-B3D7-CD8E1F906D85}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{94AFB97C-5B95-4A81-8746-B6C276063F90}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"{4DF5E879-6F97-412B-8883-6A9D1A11D7AD}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{4C75BA59-3E31-4E15-BE61-B1FF342C06B3}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{09FBB736-22AE-4903-BF46-11809ED4581A}"= UDP:c:\windows\explorer.exe:Explorer
"{741D5960-6BE0-429D-BF08-8E2381239E2C}"= TCP:c:\windows\explorer.exe:Explorer
"{9537E2FE-5BC1-41BF-8DE4-1A4B46FFB013}"= UDP:c:\windows\System32\LogonUI.exe:LogonUI
"{2427F8C5-97B6-4F4B-88B5-BAD11D195D47}"= TCP:c:\windows\System32\LogonUI.exe:LogonUI
"{C1E588A5-5834-4D99-9B6E-568A6DB747CC}"= UDP:c:\windows\System32\wininit.exe:wininit
"{A5668BD7-113C-43F8-A9C6-95D13C405709}"= TCP:c:\windows\System32\wininit.exe:wininit
"{F5F77260-EBE9-4CBE-8583-8D603072FD9E}"= UDP:c:\windows\System32\winlogon.exe:winlogon
"{9E963AC5-19E8-49AF-8D26-558364CCA7CA}"= TCP:c:\windows\System32\winlogon.exe:winlogon
"{C232D5D0-2989-42EE-9B01-21CEC7C5A213}"= c:\program files\AVG\AVG8\avgam.exe:avgam.exe
"{890331CB-7718-47B8-AB47-2ABFA8021AF4}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{FB623063-24E7-4115-906E-67AE40BB41F4}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{C66510BC-3C0F-4E91-A815-88D99FB236ED}"= UDP:c:\program files\Pat'sJunk\utorrent.exe:µTorrent (TCP-In)
"{40AFBD86-765E-4C64-9597-5BEFDDE37C2E}"= TCP:c:\program files\Pat'sJunk\utorrent.exe:µTorrent (UDP-In)
"{5D85F5BB-9164-4E43-A706-97E5CCADF59C}"= UDP:C:\utorrent.exe:µTorrent (TCP-In)
"{B54C1391-2A87-4C80-9CA9-D4CF851F2F1C}"= TCP:C:\utorrent.exe:µTorrent (UDP-In)
"{56152AD0-DF09-4ED9-A238-6D660B798364}"= UDP:c:\users\RAC\Desktop\utorrent.exe:µTorrent (TCP-In)
"{A15C8082-AB80-4EBA-A134-498825CDF7A5}"= TCP:c:\users\RAC\Desktop\utorrent.exe:µTorrent (UDP-In)
"TCP Query User{1EFC6EB5-EB56-4B1C-9D4B-2BC1BCAD0CEB}c:\\program files\\odds maker\\client.exe"= UDP:c:\program files\odds maker\client.exe:Odds Maker Client
"UDP Query User{64F801BD-4D37-4D9F-926F-A39F394FC78F}c:\\program files\\odds maker\\client.exe"= TCP:c:\program files\odds maker\client.exe:Odds Maker Client
"{474C3321-85E0-4B50-A937-11308B1746E2}"= UDP:c:\windows\System32\lxdpcoms.exe:Lexmark Communications System
"{E1510D6E-B262-48E0-A759-F197D3249CDC}"= TCP:c:\windows\System32\lxdpcoms.exe:Lexmark Communications System
"{725A4B7E-9336-4CB4-8348-643891654AF4}"= UDP:c:\program files\Lexmark Z2300 Series\lxdpamon.exe:Lexmark Device Monitor
"{1C961244-E2F3-4ECC-9FD7-0B4ACB0B60D6}"= TCP:c:\program files\Lexmark Z2300 Series\lxdpamon.exe:Lexmark Device Monitor
"{FB2C7FBC-AC74-4DFC-9D78-546A28A74A41}"= UDP:c:\program files\Lexmark Z2300 Series\frun.exe:Lexmark Productivity Studio
"{875DF210-7148-4212-830D-E0C7AD7228AB}"= TCP:c:\program files\Lexmark Z2300 Series\frun.exe:Lexmark Productivity Studio
"{BD178C3F-4FCC-4743-821E-697E16D23B45}"= UDP:c:\program files\Lexmark Z2300 Series\lxdpmon.exe:Printer Device Monitor
"{3DFFD2A5-3442-416E-99C8-DE5835201419}"= TCP:c:\program files\Lexmark Z2300 Series\lxdpmon.exe:Printer Device Monitor
"{74675573-4416-45E5-B3F0-1A43BED39849}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdppswx.exe:Printer Status Window Interface
"{B26DB65E-2F66-4B5F-8894-0CE6F76F18A0}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdppswx.exe:Printer Status Window Interface
"{341E3770-BB4A-47BB-B87D-4141D4C14D5A}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdpjswx.exe:Job Status Window Interface
"{EA49CB93-0A84-42E3-81E3-8FB1D682541C}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdpjswx.exe:Job Status Window Interface
"TCP Query User{2854CC28-528B-4543-91F1-20F2F4A50DE9}c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdppswx.exe"= UDP:c:\windows\system32\spool\drivers\w32x86\3\lxdppswx.exe:Printer Status Window Interface
"UDP Query User{29297785-C8DE-422D-8A8B-6692E6BD753F}c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdppswx.exe"= TCP:c:\windows\system32\spool\drivers\w32x86\3\lxdppswx.exe:Printer Status Window Interface
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [5/8/2009 5:49 PM 64160]
R2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe -service --> c:\windows\system32\lxdpcoms.exe -service [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/21/2008 5:23 PM 24652]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 1003344]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2/21/2007 5:47 PM 29744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
2009-06-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 21:49]
2009-06-27 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-17 02:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hotmail.com/
IE: &AIM Toolbar Search - c:\programdata\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\RAC\AppData\Roaming\Mozilla\Firefox\Profiles\8pp8km0d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: keyword.URL - hxxp://www5.yoog.com/search.php?q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www5.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-27 14:05
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-06-27 14:09
ComboFix-quarantined-files.txt 2009-06-27 18:09
ComboFix2.txt 2009-01-03 10:00
Pre-Run: 105,008,480,256 bytes free
Post-Run: 106,376,065,024 bytes free
262 --- E O F --- 2009-06-26 23:30
AND HERE IS THE NEW HIJACK REPORT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:25:32 PM, on 6/27/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lexmark Z2300 Series\lxdpMsdMon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [lxdpmon.exe] "C:\Program Files\Lexmark Z2300 Series\lxdpmon.exe"
O4 - HKLM\..\Run: [lxdpamon] "C:\Program Files\Lexmark Z2300 Series\lxdpamon.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Odds Maker - {b3cab7b9-eb43-46a2-8e15-02cc298dec71} - C:\Users\RAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Odds Maker\Odds Maker.lnk (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxdp_device - - C:\Windows\system32\lxdpcoms.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7181 bytes
| bricat |
| (HijackThis Helper) |
| Sat Jun 27 2009 10:53 PM |
|
|
|
Re: sloooooooooooow computer, need some help
|
I don't see anything there.
Download and scan with CCleaner
- CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build. - Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
Then select "Cookies"
Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre. - Then select the items you wish to clean up.
In the Windows Tab:
• Clean all entries in the "Internet Explorer" section.
• Clean all the entries in the "Windows Explorer" section.
• Leave the "Advanced" section at default.
• Clean any others that you choose.
Leave the system section at default
In the Applications Tab:
• Clean all entries in the Mozilla Firefox Section.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose. - Click the "Run Cleaner" button.
- A pop up box will appear advising this process will permanently delete files from your system.
- Click "OK" and it will scan and clean your system.
- Click "exit" when done.
then let us know how it is running.
| pat2franklin |
| (new user) |
| Tue Jul 07 2009 02:19 PM |
|
Re: sloooooooooooow computer, need some help
|
sorry took so long running good now, thank you
| bricat |
| (HijackThis Helper) |
| Tue Jul 07 2009 03:27 PM |
|
|
|
Re: sloooooooooooow computer, need some help
|
glad you're sorted
