My Computer Is Abnormally Sluggish

  • This topic is locked
2 replies to this topic

#1 mtlin


  • Members
  • 18 posts
  • Local time:09:31 AM

Posted 03 June 2008 - 02:34 PM

Deckard's System Scanner v20071014.68
Run by Martin Lin on 2008-06-03 13:29:56
Computer is in Normal Mode.

System Drive C: has 2.02 GiB (less than 15%) free.

-- HijackThis (run as Martin Lin.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:21 PM, on 6/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\M-Audio\Ozone\Install\ozinst.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FireBox.exe
C:\Program Files\Lynx Studio Technology\LynxTrayVolume.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Martin Lin\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R3 - URLSearchHook: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files\Foxit\tbFox1.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files\Foxit\tbFox1.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Foxit Toolbar - {73c7d5b0-7b03-444a-84c7-ce1ba03b5573} - C:\Program Files\Foxit\tbFox1.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\S-1-5-18\..\Run: [Compaq Service Drivers] winmsn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MS Technology] mswint2k.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [Compaq Service Drivers] winmsn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Compaq Service Drivers] winmsn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [Compaq Service Drivers] winmsn.exe (User 'Default user')
O4 - Global Startup: FireBox Control Panel.lnk = C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FireBox.exe
O4 - Global Startup: Lynx Tray Volume.lnk = C:\Program Files\Lynx Studio Technology\LynxTrayVolume.exe
O4 - Global Startup: M-Audio Ozone Control Panel Launcher.lnk = C:\Program Files\M-Audio Ozone\OZTask.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1129861339828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1130177969250
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C2508ED-43CE-46BB-8CFA-8F3EEF636208}: NameServer =,
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: M-Audio Ozone Installer (OzoneInstallerService) - Nemesis - C:\Program Files\M-Audio\Ozone\Install\ozinst.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe

End of file - 7507 bytes

-- Files created between 2008-05-03 and 2008-06-03 -----------------------------

2008-06-02 13:39:40 0 d-------- C:\mfx_temp
2008-05-29 22:28:20 0 d-------- C:\Program Files\D-Tools
2008-05-29 14:36:12 0 d-------- C:\Documents and Settings\All Users\Application Data\MiKTeX
2008-05-29 14:31:23 0 d-------- C:\Program Files\MiKTeX 2.7
2008-05-26 15:44:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Audio Ease
2008-05-26 15:44:13 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\Audio Ease
2008-05-26 15:44:12 0 d-------- C:\Program Files\Audio Ease
2008-05-20 13:07:31 0 d--h----- C:\$AVG8.VAULT$
2008-05-19 17:59:33 3982 --a------ C:\WINDOWS\kj01d.sys
2008-05-19 17:14:48 0 d-------- C:\Program Files\Magic Folders
2008-05-12 10:28:58 0 d-------- C:\Program Files\Bornemark
2008-05-11 12:26:50 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-11 12:26:37 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-11 12:22:58 0 d-------- C:\Program Files\AVG
2008-05-06 22:49:23 0 dr-h----- C:\Documents and Settings\Martin Lin\Recent

-- Find3M Report ---------------------------------------------------------------

2008-06-03 13:29:35 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\WinEdt
2008-05-31 17:14:22 80 --a------ C:\WINDOWS\system32\msvcsv60.dll
2008-05-31 17:14:22 80 --a------ C:\WINDOWS\msocreg32.dat
2008-05-31 17:08:26 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\REAPER
2008-05-31 17:05:34 0 d-------- C:\Program Files\Vstplugins
2008-05-31 17:03:20 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\Azureus
2008-05-29 16:55:28 0 d-------- C:\Program Files\REAPER
2008-05-16 19:11:42 0 d-------- C:\Program Files\Native Instruments
2008-05-11 12:25:03 0 d-------- C:\Program Files\Lavasoft
2008-05-11 12:25:02 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\Lavasoft
2008-05-05 12:28:21 0 d-------- C:\Documents and Settings\Martin Lin\Application Data\Adobe
2008-05-01 21:21:46 0 d-------- C:\Program Files\iTunes
2008-05-01 21:21:25 0 d-------- C:\Program Files\iPod
2008-05-01 21:19:38 0 d-------- C:\Program Files\QuickTime
2008-05-01 21:13:59 0 d-------- C:\Program Files\Apple Software Update
2008-04-25 17:49:59 0 d-------- C:\Program Files\Winamp
2008-04-23 14:41:49 0 d-------- C:\Program Files\Azureus
2008-04-21 18:25:14 0 d-------- C:\Program Files\Lynx Studio Technology
2008-04-13 23:15:02 0 d-------- C:\Program Files\Mozilla Thunderbird

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{73c7d5b0-7b03-444a-84c7-ce1ba03b5573}]
12/14/2007 06:53 PM 1502232 --a------ C:\Program Files\Foxit\tbFox1.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{73C7D5B0-7B03-444A-84C7-CE1BA03B5573}"= C:\Program Files\Foxit\tbFox1.dll [12/14/2007 06:53 PM 1502232]


"KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" []
"IndexSearch"="C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\IndexSearch.exe" [02/20/2006 03:38 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [08/11/2007 10:19 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" []
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [08/12/2005 02:43 PM]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [08/19/2007 01:22 PM]
"M-Audio Taskbar Icon"="C:\WINDOWS\System32\M-AudioTaskBarIcon.exe" [10/18/2005 11:00 AM]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [04/01/2008 02:49 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/11/2008 12:26 PM]

"Compaq Service Drivers"=winmsn.exe
"MS Technology"=mswint2k.exe

"Compaq Service Drivers"=winmsn.exe
"MS Technology"=mswint2k.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
FireBox Control Panel.lnk - C:\Program Files\PreSonus\1394AudioDriver_FIREBox\FireBox.exe [4/8/2008 2:36:28 PM]
Lynx Tray Volume.lnk - C:\Program Files\Lynx Studio Technology\LynxTrayVolume.exe [4/21/2008 6:23:44 PM]

"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"Notification Packages"= scecli scecli


@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Martin Lin^Start Menu^Programs^Startup^GNX4 ASIO Control Panel.lnk]
path=C:\Documents and Settings\Martin Lin\Start Menu\Programs\Startup\GNX4 ASIO Control Panel.lnk
backup=C:\WINDOWS\pss\GNX4 ASIO Control Panel.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Martin Lin^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\Martin Lin\Start Menu\Programs\Startup\MagicDisc.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]
C:\Program Files\dvd43\dvd43_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFP1815_S2P]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
"C:\Program Files\DELL\Dell Laser MFP 1815\PaperPort\pptd40nt.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
"C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

-- End of Deckard's System Scanner: finished at 2008-06-03 13:31:00 ------------


#2 Guest_White Warrior_*

  • Guests

Posted 26 June 2008 - 07:23 AM

Hello mtlin

Welcome to Bleeping Computer!

Sorry about the delay. We're all volunteers here, and it's been very busy.

If you still need help, please post a new DSS.scan report to make sure nothing has changed.
Please post only the main.txt report, and I'll be happy to take a look at it for you.

Please do an online scan with Kaspersky WebScanner.

  • Click on the Accept button.
  • You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files.
  • Once the files have been downloaded, click on NEXT.
  • Now click on Scan Settings.
  • In the scan settings, make sure that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available, otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases
  • Click OK.
  • Now, under "select a target to scan", select My Computer.
  • The program will start and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, it will display if your system has been infected.
  • Now click on the Save as Text button.
  • Save the file to your Desktop.
  • Copy and paste that information in your next post.

White Warrior

Edited by White Warrior, 26 June 2008 - 07:33 AM.

#3 don77


    Forum Regular

  • Members
  • 3,212 posts
  • Gender:Male
  • Location:Boston Mass

Posted 05 July 2008 - 07:39 PM

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
