Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » Just the usual slowness...(RESOLVED)

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

Just the usual slowness...(RESOLVED)

Reply
Page 1 of 2 1 2
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 14-01-2006, 02:43 AM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Just the usual slowness...(RESOLVED)
I could use some help cleaning my tablet up. I've been moving things around & downloading some programs. I've noticed some slowdown with the computer. I'd appreciate some help cleaning anything up. Here is my log after following instructions. Thanks.



Logfile of HijackThis v1.99.1
Scan saved at 7:39:54 PM, on 1/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Windows\System32\mcres.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dashsvc.exe
c:\WINDOWS\system32\IFXSPMGT.exe
c:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\McMon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Documents and Settings\Robert\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.motioncomputing.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.motioncomputing.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [MotionComputingMonitor] C:\WINDOWS\system32\McMon.exe
O4 - HKLM\..\Run: [\\RAHM\EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE /P26 "\\RAHM\EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.motioncomputing.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1118526503812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1118526424890
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://xlonhcld.xlontech.net/100348/...ie05111501.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: mclaunch - C:\\Windows\\System32\\mclaunch.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: PSDNtfy - c:\Program Files\Infineon\Security Platform Software\PSDNtfy.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: dashsvc - Motion Computing Inc. - C:\WINDOWS\system32\Dashsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
O23 - Service: PWSSvc - Unknown owner - C:\Program Files\Colligo Networks\Colligo Personal Edition\pwssvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 14-01-2006, 05:59 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: Just the usual slowness...
Welcome to DAL,


Lets see what some virus scans can uncover and we will go from there.

Get the stinger here:
http://vil.nai.com/vil/stinger/

Download it to another computer if need be, and bring it to the affected computer on floppy disk.

It will kill the top 53 virus files if any are found there

then,

Internet Explorer required
Run these two online virus scanners (Panda Activescan) following these instructions below:

http://www.pandasoftware.com/products/activescan.htm


Internet Explorer required
Also this excellent(BitDefender) scanner:http://www.bitdefender.com/scan8/ie.html


These scans will take more than an hour to complete, so make sure you have time to let them run thru. Save the Panda scan log and the BitDefender log and post them back here please with a new Hijackthis log.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 14-01-2006, 06:10 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
Here is the Panda Scan.




Incident Status Location

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt[]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt[75552505]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt[]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Robert\Cookies\robert@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Robert\Cookies\robert@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Robert\Cookies\robert@ads.pointroll[1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Robert\Cookies\robert@apmebf[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Robert\Cookies\robert@ask[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Robert\Cookies\robert@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Robert\Cookies\robert@belnk[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Robert\Cookies\robert@burstnet[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Robert\Cookies\robert@com[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Robert\Cookies\robert@did-it[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Robert\Cookies\robert@dist.belnk[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Robert\Cookies\robert@go[1].txt
Spyware:Cookie/Paypopup Not disinfected C:\Documents and Settings\Robert\Cookies\robert@paypopup[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Robert\Cookies\robert@questionmarket[1].txt
Spyware:Cookie/SpywareStormer Not disinfected C:\Documents and Settings\Robert\Cookies\robert@spywarestormer[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Robert\Cookies\robert@statcounter[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Robert\Cookies\robert@toplist[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Robert\Cookies\robert@tribalfusion[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Robert\Cookies\robert@www.burstbeacon[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Robert\Cookies\robert@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Robert\Cookies\robert@zedo[2].txt
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 14-01-2006, 07:17 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
Here is the BitDefender log.



BitDefender Online Scanner - Real Time Virus Report



Generated at: Sat, Jan 14, 2006 - 12:16:52


--------------------------------------------------------------------------------





Scan Info



Scanned Files
470807

Infected Files
0








Virus Detected



No virus found.











--------------------------------------------------------------------------------



This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 14-01-2006, 07:18 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
Hijack Log:



Logfile of HijackThis v1.99.1
Scan saved at 12:17:50 PM, on 1/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Windows\System32\mcres.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dashsvc.exe
c:\WINDOWS\system32\IFXSPMGT.exe
c:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\McMon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Robert\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.motioncomputing.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.motioncomputing.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [MotionComputingMonitor] C:\WINDOWS\system32\McMon.exe
O4 - HKLM\..\Run: [\\RAHM\EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE /P26 "\\RAHM\EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.motioncomputing.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1118526503812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1118526424890
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://xlonhcld.xlontech.net/100348/...ie05111501.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: mclaunch - C:\\Windows\\System32\\mclaunch.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: PSDNtfy - c:\Program Files\Infineon\Security Platform Software\PSDNtfy.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: dashsvc - Motion Computing Inc. - C:\WINDOWS\system32\Dashsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
O23 - Service: PWSSvc - Unknown owner - C:\Program Files\Colligo Networks\Colligo Personal Edition\pwssvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 14-01-2006, 08:11 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: Just the usual slowness...
Next step:



Download CCleaner from here:
http://www.majorgeeks.com/download4191.html
or here:
http://www.filehippo.com/download_ccleaner.html

don't run the tool just yet please.
Install it. The windows tab should be opened in the upper left of the program. Click analyze and then click run cleaner. Just use the windows tab that is up front by default.

1.Uncheck "Cookies" under "Internet Explorer".

2.If you are running Firefox: ,then click on the "Applications" tab and uncheck "Cookies" under "Firefox".

Don't run this tool either please just yet

Please download, install, and update the NEW free version of Ewido trojan scanner:
[*]When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
[*]When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
[*]From the main ewido screen, click on update in the left menu, then click the Start update button.
[*]After the update finishes (the status bar at the bottom will display "Update successful")
[*]Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
[*]If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
[*]When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.


Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.


Now runCCleaner useing windows tab only

After that run Ewido and post the log from that and a new hijackthis log please.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 14-01-2006, 11:11 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
Here is the Ewido report:



---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 4:07:06 PM, 1/14/2006
+ Report-Checksum: F4BEFB44

+ Scan result:

:mozilla.6:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.344:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.345:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.421:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.436:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.438:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.439:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.440:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.457:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.462:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.465:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.466:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.478:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.485:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.487:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.491:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.532:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Robert\Application Data\Mozilla\Firefox\Profiles\a40tzgrl.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@ads.addynamix[2].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@buycom.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wfk4wlcpseq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wfkyshcpkkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wfl4cgdjmeq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wfliajczilo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wfliapczedo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjk4alczofo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjkokpc5mfo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjkyojazekq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjkyokdjaeq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjkyqpcpoko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjl4kmczgkq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjl4uid5eko.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjliklazilp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlisgdzwbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlogmczigo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlycidjgbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlygldpglp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlykjdzsdo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlyoodjmhq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjlyslajwao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjmiajazmbq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjnyclcpofq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@e-2dj6wjnyqncpklp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@msninvite.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@news.com[1].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@polo.112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@sales.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@www.burstbeacon[1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@www.burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Robert\Cookies\robert@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\1CP13DTB\mm[1].js -> Spyware.Chitika : Cleaned with backup


::Report End
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 14-01-2006, 11:12 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
Here is the new Hijack log:



Logfile of HijackThis v1.99.1
Scan saved at 4:10:06 PM, on 1/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Windows\System32\mcres.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dashsvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\WINDOWS\system32\IFXSPMGT.exe
c:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\McMon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Robert\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.motioncomputing.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.motioncomputing.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [MotionComputingMonitor] C:\WINDOWS\system32\McMon.exe
O4 - HKLM\..\Run: [\\RAHM\EPSON Stylus CX5400] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G 1.EXE /P26 "\\RAHM\EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.motioncomputing.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1118526503812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1118526424890
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {E473A65C-8087-49A3-AFFD-C5BC4A10669B} (Quantum Streaming IE Player Class) - http://xlonhcld.xlontech.net/100348/...ie05111501.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: loginkey - C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll
O20 - Winlogon Notify: mclaunch - C:\\Windows\\System32\\mclaunch.dll
O20 - Winlogon Notify: OPXPGina - C:\Program Files\Softex\OmniPass\opxpgina.dll
O20 - Winlogon Notify: PSDNtfy - c:\Program Files\Infineon\Security Platform Software\PSDNtfy.dll
O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll
O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: dashsvc - Motion Computing Inc. - C:\WINDOWS\system32\Dashsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
O23 - Service: PWSSvc - Unknown owner - C:\Program Files\Colligo Networks\Colligo Personal Edition\pwssvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 14-01-2006, 11:36 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: Just the usual slowness...
clean log, how is your computer behaving now?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 14-01-2006, 11:48 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 10
dds2009 Is a beginner here at D-A-L
Re: Just the usual slowness...
It's better now. Thank you. I took some other steps to help protect myself also. Thanks again.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Computer running slower than usual? 7-23-09 KazuoKiriyama77 Spyware, Adware, Viruses and HijackThis Logs 14 26-07-2009 04:10 PM
Computer acting slower then usual. Byakira General Hardware Issues 5 29-08-2008 04:06 PM
Internet slower than usual but in my other pc is ok. FreakY Firewalls and Networks 3 07-01-2005 01:04 AM
Usual Spam Crap 11sec4cyl Spyware, Adware, Viruses and HijackThis Logs 5 23-11-2004 04:40 PM
trojan, worm, and slowness. log included. Paige Spyware, Adware, Viruses and HijackThis Logs 4 05-09-2004 09:48 PM


All times are GMT +1. The time now is 07:40 AM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav