
Super Slow Box


  • This topic is locked
1 reply to this topic

#1 screamerUSA

screamerUSA

  • Members
  • 8 posts

Posted 26 February 2009 - 12:54 AM

Good Day Guys,

Here are the two files I was requested to insert. My computer has been intermittently getting slower over the past two weeks. I use NOD 32 and scan weekly. Plus I have Malware Defender installed. They show nothing. I scanned w/ a2 and it showed nothing. I've followed all the steps suggested prior to submitting the HJT log. It's still running slow. Please forgive my ignorance if I overlooked something.

I can't figure how to insert a .zip file in this post, so it's pasted.


tia,


...screamer


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:59:41 PM, on 2/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RunDLL32.exe
E:\WINDOWS\system32\RTDCPL.EXE
E:\Program Files\Eset\nod32kui.exe
E:\WINDOWS\system32\CTHELPER.EXE
E:\WINDOWS\system32\CTXFIHLP.EXE
E:\Program Files\Qurb\QSP-4.0.373.0\QOELoader.exe
E:\Program Files\ClocX\ClocX.exe
E:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\Program Files\Everything\Everything.exe
E:\$ISR\$APP\ISRMonitor.exe
E:\Program Files\Rainlendar2\Rainlendar2.exe
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
E:\Program Files\AnVir Task Manager Free\AnVir.exe
E:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
E:\Program Files\RocketDock\RocketDock.exe
E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
E:\$ISR\0\ISRService.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
E:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
E:\WINDOWS\System32\ups.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\vsnapvss.exe
E:\Program Files\GPSoftware\Directory Opus\dopus.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\NoteTab Light\NoteTab.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTDCPL] RTDCPL.EXE
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [QOELOADER] "E:\Program Files\Qurb\QSP-4.0.373.0\QOELoader.exe"
O4 - HKLM\..\Run: [ClocX] E:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Malware Defender] e:\program files\malware defender\malwaredefender.exe
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] E:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
O4 - HKLM\..\Run: [RoxWatchTray] "E:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Everything] "E:\Program Files\Everything\Everything.exe" -startup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISR_MONITOR] E:\$ISR\$APP\ISRMonitor.exe
O4 - HKCU\..\Run: [Rainlendar2] E:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [AnVir Task Manager Free] "E:\Program Files\AnVir Task Manager Free\AnVir.exe" Minimized
O4 - HKCU\..\Run: [Directory Opus Desktop Dblclk] "E:\Program Files\GPSoftware\Directory Opus\dopusrt.exe" /dblclk
O4 - HKCU\..\Run: [RocketDock] "E:\Program Files\RocketDock\RocketDock.exe"
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Exterminate...opAntiVirus.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1232649471671
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Google Update Service (gupdate1c98acb8225d462) (gupdate1c98acb8225d462) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: FirstDefense-ISR Service (ISRService) - Leapfrog Software, Inc. - E:\$ISR\0\ISRService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Malware Defender Service (MalwareDefenderService) - TorchSoft - e:\program files\malware defender\mdservice.exe
O23 - Service: NMSAccessU - Unknown owner - E:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - E:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - E:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - E:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - E:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - E:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ShadowProtect Service (ShadowProtectSvc) - StorageCraft Technology Corporation - E:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
O23 - Service: StorageCraft Shadow Copy Provider (VSNAPVSS) - StorageCraft Technology Corporation - E:\WINDOWS\system32\vsnapvss.exe

--
End of file - 8202 bytes



DDS (Ver_09-02-01.01) - NTFSx86
Run by screamer at 0:32:18.64 on Thu 02/26/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1416 [GMT -5:00]

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated)

============== Running Processes ===============

E:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RunDLL32.exe
E:\WINDOWS\system32\RTDCPL.EXE
E:\Program Files\Eset\nod32kui.exe
E:\WINDOWS\system32\CTHELPER.EXE
E:\WINDOWS\system32\CTXFIHLP.EXE
E:\Program Files\Qurb\QSP-4.0.373.0\QOELoader.exe
E:\Program Files\ClocX\ClocX.exe
E:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\Program Files\Everything\Everything.exe
E:\$ISR\$APP\ISRMonitor.exe
E:\Program Files\Rainlendar2\Rainlendar2.exe
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
E:\Program Files\AnVir Task Manager Free\AnVir.exe
E:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
E:\Program Files\RocketDock\RocketDock.exe
E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
E:\$ISR\0\ISRService.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
E:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
E:\WINDOWS\System32\ups.exe
E:\WINDOWS\System32\vssvc.exe
E:\WINDOWS\system32\vsnapvss.exe
E:\Program Files\GPSoftware\Directory Opus\dopus.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\NoteTab Light\NoteTab.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Documents and Settings\screamer\Desktop\Download\HJT\dds.scr

============== Pseudo HJT Report ===============

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} -
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - e:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - e:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Rainlendar2] e:\program files\rainlendar2\Rainlendar2.exe
uRun: [ISUSPM] "e:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [AnVir Task Manager Free] "e:\program files\anvir task manager free\AnVir.exe" Minimized
uRun: [Directory Opus Desktop Dblclk] "e:\program files\gpsoftware\directory opus\dopusrt.exe" /dblclk
uRun: [RocketDock] "e:\program files\rocketdock\RocketDock.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE e:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
mRun: [RTDCPL] RTDCPL.EXE
mRun: [nod32kui] "e:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [QOELOADER] "e:\program files\qurb\qsp-4.0.373.0\QOELoader.exe"
mRun: [ClocX] e:\program files\clocx\ClocX.exe
mRun: [Malware Defender] e:\program files\malware defender\malwaredefender.exe
mRun: [BlackBerryAutoUpdate] e:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [RoxWatchTray] "e:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [SunJavaUpdateSched] "e:\program files\java\jre6\bin\jusched.exe"
mRun: [Everything] "e:\program files\everything\Everything.exe" -startup
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [ISR_MONITOR] e:\$isr\$app\ISRMonitor.exe
StartupFolder: e:\docume~1\screamer\startm~1\programs\startup\onenot~1.lnk - e:\program files\microsoft office\office12\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - e:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - e:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: e:\windows\system32\imon.dll
DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232649471671
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - e:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - e:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: LBTWlgn - e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} -
SEH: Directory Opus Shell Execute Hook: {3cf9ece0-1a9f-11d2-8c73-00c06c2005de} - e:\program files\gpsoftware\directory opus\dopuslib.dll

================= FIREFOX ===================

FF - ProfilePath - e:\docume~1\screamer\applic~1\mozilla\firefox\profiles\g7wfs4xv.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - component: e:\documents and settings\screamer\application data\mozilla\firefox\profiles\g7wfs4xv.default\extensions\ubiquity@labs.mozilla.com\platform\winnt_x86-msvc\components\ubiquity.dll
FF - plugin: e:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: e:\program files\google\google updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: e:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300

============= SERVICES / DRIVERS ===============

R0 stcvsm;stcvsm;e:\windows\system32\drivers\stcvsm.sys [2009-1-21 144288]
R1 nod32drv;nod32drv;e:\windows\system32\drivers\nod32drv.sys [2009-1-21 15424]
R1 pngkglfg;pngkglfg;e:\windows\system32\drivers\pngkglfg.sys [2009-2-13 231424]
R1 sbmount;StorageCraft Image Mount Driver;e:\windows\system32\drivers\sbmount.sys [2009-1-21 95776]
R2 ISRService;FirstDefense-ISR Service;e:\$isr\0\ISRService.exe []
R2 LBeepKE;LBeepKE;e:\windows\system32\drivers\LBeepKE.sys [2009-1-25 10384]
R2 MalwareDefenderService;Malware Defender Service;e:\program files\malware defender\mdservice.exe [2009-2-13 83456]
R2 NOD32krn;NOD32 Kernel Service;e:\program files\eset\nod32krn.exe [2009-1-21 552064]
R2 ShadowProtectSvc;ShadowProtect Service;e:\program files\storagecraft\shadowprotect\ShadowProtectSvc.exe [2009-1-21 1255968]
R2 VSNAPVSS;StorageCraft Shadow Copy Provider;e:\windows\system32\vsnapvss.exe [2009-1-21 70176]
S3 gupdate1c98acb8225d462;Google Update Service (gupdate1c98acb8225d462);e:\program files\google\update\GoogleUpdate.exe [2009-2-9 133104]

=============== Created Last 30 ================

2009-02-25 23:59 <DIR> --d----- e:\program files\Trend Micro
2009-02-25 22:15 <DIR> --d----- e:\program files\jv16 PowerTools 2009
2009-02-25 21:59 <DIR> --d----- e:\program files\jv16 PowerTools 2008
2009-02-25 19:25 185 a------- e:\windows\system32\msblcd32.dll
2009-02-25 19:24 212,240 a------- e:\windows\system32\RICHTX32.OCX
2009-02-25 19:24 124,688 a------- e:\windows\system32\MSWINSCK.OCX
2009-02-25 19:24 67,376 a------- e:\windows\system32\SYSINFO.OCX
2009-02-25 19:24 <DIR> --d----- e:\program files\AF Uninstalls
2009-02-25 16:56 427,864 a------- e:\windows\system32\XceedZip.dll
2009-02-25 16:55 <DIR> --d----- e:\program files\Driver-Soft
2009-02-25 16:35 116,224 ac------ e:\windows\system32\dllcache\xrxwiadr.dll
2009-02-25 16:35 23,040 ac------ e:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-25 16:35 18,944 ac------ e:\windows\system32\dllcache\xrxscnui.dll
2009-02-25 16:35 27,648 ac------ e:\windows\system32\dllcache\xrxftplt.exe
2009-02-25 16:35 4,608 ac------ e:\windows\system32\dllcache\xrxflnch.exe
2009-02-25 16:34 99,865 ac------ e:\windows\system32\dllcache\xlog.exe
2009-02-25 16:34 16,970 ac------ e:\windows\system32\dllcache\xem336n5.sys
2009-02-25 16:34 19,455 ac------ e:\windows\system32\dllcache\wvchntxx.sys
2009-02-25 16:34 19,200 ac------ e:\windows\system32\dllcache\wstcodec.sys
2009-02-25 16:33 12,063 ac------ e:\windows\system32\dllcache\wsiintxx.sys
2009-02-25 16:33 8,192 ac------ e:\windows\system32\dllcache\wshirda.dll
2009-02-25 16:33 8,832 ac------ e:\windows\system32\dllcache\wmiacpi.sys
2009-02-25 16:33 154,624 ac------ e:\windows\system32\dllcache\wlluc48.sys
2009-02-25 16:33 34,890 ac------ e:\windows\system32\dllcache\wlandrv2.sys
2009-02-25 16:33 771,581 ac------ e:\windows\system32\dllcache\winacisa.sys
2009-02-25 16:33 53,760 ac------ e:\windows\system32\dllcache\wiamsmud.dll
2009-02-25 16:33 87,040 ac------ e:\windows\system32\dllcache\wiafbdrv.dll
2009-02-25 16:31 24,576 ac------ e:\windows\system32\dllcache\viairda.sys
2009-02-25 16:30 69,632 ac------ e:\windows\system32\dllcache\umaxu12.dll
2009-02-25 16:29 31,744 ac------ e:\windows\system32\dllcache\tp4.dll
2009-02-25 16:28 172,768 ac------ e:\windows\system32\dllcache\t2r4disp.dll
2009-02-25 16:27 24,660 ac------ e:\windows\system32\dllcache\spxupchk.dll
2009-02-25 16:26 6,912 ac------ e:\windows\system32\dllcache\smbclass.sys
2009-02-25 16:25 161,568 ac------ e:\windows\system32\dllcache\sgsmusb.sys
2009-02-25 16:24 198,400 ac------ e:\windows\system32\dllcache\s3sav4.dll
2009-02-25 16:23 37,563 ac------ e:\windows\system32\dllcache\rlnet5.sys
2009-02-25 16:23 86,097 ac------ e:\windows\system32\dllcache\reslog32.dll
2009-02-25 16:23 19,584 ac------ e:\windows\system32\dllcache\rasirda.sys
2009-02-25 16:23 714,762 ac------ e:\windows\system32\dllcache\r2mdmkxx.sys
2009-02-25 16:23 899,146 ac------ e:\windows\system32\dllcache\r2mdkxga.sys
2009-02-25 16:23 41,472 ac------ e:\windows\system32\dllcache\qvusd.dll
2009-02-25 16:23 3,328 ac------ e:\windows\system32\dllcache\qv2kux.sys
2009-02-25 16:23 49,024 ac------ e:\windows\system32\dllcache\ql1280.sys
2009-02-25 16:23 40,448 ac------ e:\windows\system32\dllcache\ql1240.sys
2009-02-25 16:23 45,312 ac------ e:\windows\system32\dllcache\ql12160.sys
2009-02-25 16:21 105,984 ac------ e:\windows\system32\dllcache\phdsext.ax
2009-02-25 16:20 28,032 ac------ e:\windows\system32\dllcache\ovcd.sys
2009-02-25 16:19 39,264 ac------ e:\windows\system32\dllcache\neo20xx.sys
2009-02-25 16:18 2,944 ac------ e:\windows\system32\dllcache\msmpu401.sys
2009-02-25 16:18 22,016 ac------ e:\windows\system32\dllcache\msircomm.sys
2009-02-25 16:18 35,200 ac------ e:\windows\system32\dllcache\msgame.sys
2009-02-25 16:18 56,832 ac------ e:\windows\system32\dllcache\msdvbnp.ax
2009-02-25 16:18 6,016 ac------ e:\windows\system32\dllcache\msfsio.sys
2009-02-25 16:18 51,200 ac------ e:\windows\system32\dllcache\msdv.sys
2009-02-25 16:18 17,280 ac------ e:\windows\system32\dllcache\mraid35x.sys
2009-02-25 16:18 15,232 ac------ e:\windows\system32\dllcache\mpe.sys
2009-02-25 16:18 16,128 ac------ e:\windows\system32\dllcache\modemcsa.sys
2009-02-25 16:18 6,528 ac------ e:\windows\system32\dllcache\miniqic.sys
2009-02-25 16:18 320,384 ac------ e:\windows\system32\dllcache\mgaum.sys
2009-02-25 16:16 37,376 ac------ e:\windows\system32\dllcache\kousd.dll
2009-02-25 16:15 13,056 ac------ e:\windows\system32\dllcache\inport.sys
2009-02-25 16:15 16,000 ac------ e:\windows\system32\dllcache\ini910u.sys
2009-02-25 16:15 372,824 ac------ e:\windows\system32\dllcache\iconf32.dll
2009-02-25 16:15 100,992 ac------ e:\windows\system32\dllcache\icam5usb.sys
2009-02-25 16:15 20,480 ac------ e:\windows\system32\dllcache\icam5ext.dll
2009-02-25 16:15 45,056 ac------ e:\windows\system32\dllcache\icam5com.dll
2009-02-25 16:15 154,496 ac------ e:\windows\system32\dllcache\icam4usb.sys
2009-02-25 16:13 199,711 ac------ e:\windows\system32\dllcache\hsf_faxx.sys
2009-02-25 16:12 322,432 ac------ e:\windows\system32\dllcache\g400m.sys
2009-02-25 16:11 63,360 ac------ e:\windows\system32\dllcache\ess.sys
2009-02-25 16:10 28,062 ac------ e:\windows\system32\dllcache\dp83820.sys
2009-02-25 16:09 20,928 ac------ e:\windows\system32\dllcache\defpa.sys
2009-02-25 16:08 8,192 ac------ e:\windows\system32\dllcache\changer.sys
2009-02-25 16:07 19,456 ac------ e:\windows\system32\dllcache\brbidiif.dll
2009-02-25 16:06 66,048 ac------ e:\windows\system32\dllcache\s3legacy.dll
2009-02-25 15:07 <DIR> --d----- e:\program files\CCleaner
2009-02-25 13:48 110 a--sh--- E:\$ISRSC
2009-02-25 00:06 <DIR> --dsh--- e:\windows\Installer
2009-02-17 21:51 <DIR> --d-h--- e:\windows\Icons
2009-02-17 10:22 <DIR> --d----- e:\program files\Quick ShutDown
2009-02-17 09:20 <DIR> --d----- e:\program files\RocketDock
2009-02-13 10:20 231,424 a------- e:\windows\system32\drivers\pngkglfg.sys
2009-02-12 17:43 <DIR> --d----- e:\program files\Yahoo!
2009-02-11 15:57 547 a------- e:\windows\system32\ff_vfw.dll.manifest
2009-02-11 15:57 67,584 a------- e:\windows\system32\ff_vfw.dll
2009-02-11 15:57 60,273 a------- e:\windows\system32\pthreadGC2.dll
2009-02-11 15:57 <DIR> --d----- e:\program files\ffdshow
2009-02-11 12:20 78 a------- e:\windows\screamerUSA@Gmail.com
2009-02-08 13:27 <DIR> --d----- e:\program files\Axon Data
2009-02-07 21:11 <DIR> --d----- e:\program files\IObit
2009-02-07 21:11 <DIR> --d----- e:\docume~1\screamer\applic~1\IObit
2009-02-07 16:43 <DIR> --d----- e:\docume~1\screamer\applic~1\X-Setup Pro
2009-02-07 16:43 <DIR> --d----- e:\docume~1\alluse~1\applic~1\X-Setup Pro
2009-02-07 16:26 87,608 a------- e:\docume~1\screamer\applic~1\inst.exe
2009-02-07 16:26 47,360 a------- e:\windows\system32\drivers\pcouffin.sys
2009-02-07 16:26 47,360 a------- e:\docume~1\screamer\applic~1\pcouffin.sys
2009-02-07 16:25 217,127 a------- e:\windows\system32\drv43260.dll
2009-02-07 16:25 208,935 a------- e:\windows\system32\drv33260.dll
2009-02-07 16:25 176,165 a------- e:\windows\system32\drv23260.dll
2009-02-07 16:25 102,439 a------- e:\windows\system32\sipr3260.dll
2009-02-07 16:25 65,602 a------- e:\windows\system32\cook3260.dll
2009-02-07 16:25 1,184,984 a------- e:\windows\system32\wvc1dmod.dll
2009-02-07 16:25 626,688 a------- e:\windows\system32\vp7vfw.dll
2009-02-07 16:25 <DIR> --d----- e:\program files\VSO
2009-02-06 16:18 <DIR> --d----- e:\docume~1\alluse~1\applic~1\PCPitstop
2009-02-06 16:17 <DIR> --d----- e:\program files\PCPitstop
2009-02-04 10:41 <DIR> --d----- e:\program files\Real Alternative
2009-02-04 04:50 266,360 a------- e:\windows\system32\TweakUI.exe
2009-02-04 04:50 160,217 a------- e:\windows\system32\PowerToysLicense.rtf
2009-02-02 09:43 <DIR> --d----- e:\docume~1\screamer\applic~1\MSNInstaller
2009-02-02 00:55 <DIR> --d----- e:\docume~1\screamer\applic~1\Foxit
2009-02-02 00:55 <DIR> --d----- e:\program files\Foxit Software
2009-01-27 22:31 <DIR> --d----- e:\windows\system32\inf32
2009-01-27 22:31 <DIR> --d----- e:\docume~1\screamer\applic~1\GPSoftware
2009-01-27 22:31 <DIR> --d----- e:\docume~1\alluse~1\applic~1\GPSoftware
2009-01-27 22:31 <DIR> --d----- e:\program files\GPSoftware
2009-01-27 21:48 <DIR> --d----- e:\program files\Software Theories
2009-01-27 21:48 <DIR> --d----- e:\docume~1\screamer\applic~1\Software Theories
2009-01-27 13:05 <DIR> --d----- e:\documents and settings\screamer\Capture

==================== Find3M ====================

2009-01-26 03:43 39,424 a------- e:\windows\zipinst.exe
2009-01-25 15:26 410,984 a------- e:\windows\system32\deploytk.dll
2009-01-25 00:11 0 a---h--- e:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-01-25 00:11 0 a---h--- e:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-01-25 00:11 0 a---h--- e:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-22 09:54 409,600 a------- e:\windows\system32\wrap_oal.dll
2009-01-22 09:54 114,688 a------- e:\windows\system32\OpenAL32.dll
2009-01-21 17:38 512,096 a------- e:\windows\system32\drivers\amon.sys
2009-01-21 17:38 298,104 a------- e:\windows\system32\imon.dll
2009-01-21 17:38 15,424 a------- e:\windows\system32\drivers\nod32drv.sys
2009-01-21 16:47 21,640 a------- e:\windows\system32\emptyregdb.dat
2008-12-20 18:15 826,368 a------- e:\windows\system32\wininet.dll
2008-11-29 11:13 15,040 a------- e:\windows\system32\uddriver.sys
2008-11-29 11:12 330,560 a------- e:\windows\system32\udbdef.exe

============= FINISH: 0:32:38.79 ===============

Attached Files

  • Attached File  DDS.zip   5.28KB   3 downloads

Cisco 851 + DIR-655 as Firewall NOD32 2.70 MalwareDefender2.0.5
Life Savers - FD-ISR & ShadowProtect

XPS 600, Pentium D "950" 3.4Ghz, 2GB Ram, 1 TB Seagate Barracuda + 2 160GB Seagate HDD, Dual nVidia GeForce 7800GTX



#2 Carolyn

Carolyn

    Bleepin' kitten


  • Members
  • 2,131 posts

Posted 13 March 2009 - 11:15 AM

Hello and Welcome to the forums!

My name is Carolyn and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens.

Please do not run any other tool until instructed to do so!
Please reply to this thread, do not start another!
Please tell me about any problems that have occurred during the fix.
Please tell me of any other symptoms you may be having as these can help also.
Please try as much as possible not to run anything while executing a fix.

If you follow these instructions, everything should go smoothly.

I am sorry that we were unable to reply to your post sooner. The forums have been very busy.

If you are still in need of assistance, please scan again with DDS and post a fresh log.

I prefer that logs be posted as text in your topic replies rather than as attachments. Also, please make sure that wordwrap is turned off before copying/pasting the logs into your topic.


Please Turn off WordWrap

1. Click Start > All Programs > Accessories > Notepad
2. On the menu bar in Notepad select Format and click on WordWrap so it appears un-checked.

Thank you.
Member of ASAP (Alliance of Security Analysis Professionals)



