View Full Version : Vista Freezing at Random Intervals
emosamurai
2008-05-29, 23:32
Hello everyone, after katana helped me back in January with a very nasty infection, things have been all quiet on my system...until last week.
Starting last week, my computer, running Microsoft Vista Business SP1 32-bit, starting randomly freezing up out of nowhere. When I say freeze, I could be in the middle of typing something, surfing the web, designing in Corel (my job), or just checking email, I mean I get the little animating circle instead of a cursor, and I am stuck. I can move my mouse around, but I can't click on anything, and my keyboard is rendered useless, ie, no CTRL ALT DELETE
Could this be a malware problem? Virus? Spyware? Could you guys help me?
I have a Dell Precision 390 computer.
Thanks for anything you guys can do.
pskelley
2008-05-31, 15:55
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.
Let me first say katana is still here but also helps at other forums, so might not see your post. I need to include I do not own Vista and I am still learning how to clean it. I do, however know malware. Let's rule out malware and then I may be able to direct you to a forum concerning Vista that can help.
Start by reading the directions posted above and pinned (sticky) to the top of this forum, then post those required logs:
Provide:
a) The HJT log.
b) The Kaspersky log report
That information should help us find out if malware is involved. I am also interested in anything that occured at the time of these symptoms, like installing SP3. When this occurs, do you receive an error message from Windows? If so, post that word for word.
Thanks
emosamurai
2008-06-04, 01:45
Thanks for your reply, and here are my 2 logs:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:44:59 PM, on 6/3/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\mozilla firefox\firefox.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\microsoft office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
C:\Program Files\corel\CorelDRAW Graphics Suite 13\Programs\CorelDRW.exe
C:\Program Files\Trend Micro\HijackThis\Crusty.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O20 - Winlogon Notify: avgwlntf - C:\Windows\
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, June 03, 2008 5:41:29 PM
Operating System: Microsoft Windows Vista Professional, Service Pack 1 (Build 6001)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 3/06/2008
Kaspersky Anti-Virus database records: 826461
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 201176
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 01:12:20
Infected Object Name / Virus Name / Last Action
C:\Boot\BCD Object is locked skipped
C:\Boot\BCD.LOG Object is locked skipped
C:\Program Files\Common Files\Adobe\Adobe PCD\cache\cache.db Object is locked skipped
C:\Program Files\Common Files\Adobe\Adobe PCD\pcd.db Object is locked skipped
C:\Program Files\Common Files\Adobe\caps\caps.db Object is locked skipped
C:\Program Files\LogMeIn\x86\LogMeIn.dll Infected: not-a-virus:RemoteAdmin.Win32.RemotelyAnywhere.f skipped
C:\ProgramData\ESET\ESET Smart Security\Charon\CACHE.NDB Object is locked skipped
C:\ProgramData\ESET\ESET Smart Security\Logs\epfwlog.dat Object is locked skipped
C:\ProgramData\ESET\ESET Smart Security\Logs\virlog.dat Object is locked skipped
C:\ProgramData\ESET\ESET Smart Security\Logs\warnlog.dat Object is locked skipped
C:\ProgramData\FLEXnet\adobe_00080000_tsf.data Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.147.Crwl Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.147.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wsb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010016.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010018.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010019.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001A.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010028.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010029.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002C.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001002D.wid Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy617.gthr Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfA60E.tmp Object is locked skipped
C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\NtfA60F.tmp Object is locked skipped
C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050253.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\OP_CACHE.ATR Object is locked skipped
C:\System Volume Information\OP_CACHE.IDX Object is locked skipped
C:\Users\Daniel\AppData\Local\Adobe\Updater5\aumLib.log Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Outlook\archive.pst Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Outlook\Outlook.pst Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008060320080604\index.dat Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS2383.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat{e3d1d45f-8e38-11dc-9efb-001d090632e6}.TM.blf Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat{e3d1d45f-8e38-11dc-9efb-001d090632e6}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Daniel\AppData\Local\Microsoft\Windows\UsrClass.dat{e3d1d45f-8e38-11dc-9efb-001d090632e6}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\nxjljjd5.default\Cache\_CACHE_001_ Object is locked skipped
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\nxjljjd5.default\Cache\_CACHE_002_ Object is locked skipped
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\nxjljjd5.default\Cache\_CACHE_003_ Object is locked skipped
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\nxjljjd5.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Users\Daniel\AppData\Local\Mozilla\Firefox\Profiles\nxjljjd5.default\XUL.mfl Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\alm.log Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\amt.log Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\lilo23328 Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\lilo33328 Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\lilo43328 Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\lilo53328 Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\lilo63328 Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT120E8.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT120E9.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT120EA.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT139C.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT139D.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\WT139E.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~DF28C8.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~DF67AD.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~DF67B9.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~DFEA67.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~DFEA73.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM44FD.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM44FE.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM44FF.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM4500.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM4501.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM4502.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM4503.tmp Object is locked skipped
C:\Users\Daniel\AppData\Local\Temp\~VM4504.tmp Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Adobe\Logs\AISuitePea.log Object is locked skipped
C:\Users\Daniel\AppData\Roaming\ESET\ESET Smart Security\Antispam\scoffset.bin.incr Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Microsoft\Outlook\Outlook.NK2 Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Microsoft\Outlook\Outlook.srs Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Microsoft\Templates\Normal.dot Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\cert8.db Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\formhistory.dat Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\history.dat Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\key3.db Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\parent.lock Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\search.sqlite Object is locked skipped
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\nxjljjd5.default\urlclassifier2.sqlite Object is locked skipped
C:\Users\Daniel\Documents\Corel User Files\WT13US.UWL Object is locked skipped
C:\Users\Daniel\ntuser.dat Object is locked skipped
C:\Users\Daniel\ntuser.dat.LOG1 Object is locked skipped
C:\Users\Daniel\ntuser.dat.LOG2 Object is locked skipped
C:\Users\Daniel\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped
C:\Users\Daniel\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Users\Daniel\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\CSC\v2.0.6\pq Object is locked skipped
C:\Windows\CSC\v2.0.6\temp\ea-{413a1916-2c32-11dd-8896-001d090632e6} Object is locked skipped
C:\Windows\Debug\PASSWD.LOG Object is locked skipped
C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3d4e88e9-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TM.blf Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3d4e88e5-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\SoftwareDistribution\EventCache\{92137034-6EBB-49EF-8B04-20AF9ACBE707}.bin Object is locked skipped
C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped
C:\Windows\System32\catroot2\edb.log Object is locked skipped
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped
C:\Windows\System32\config\components Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped
C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped
C:\Windows\System32\config\default Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped
C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped
C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped
C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped
C:\Windows\System32\config\RegBack\SAM Object is locked skipped
C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped
C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped
C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped
C:\Windows\System32\config\sam Object is locked skipped
C:\Windows\System32\config\SAM.LOG1 Object is locked skipped
C:\Windows\System32\config\SAM.LOG2 Object is locked skipped
C:\Windows\System32\config\security Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped
C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped
C:\Windows\System32\config\software Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped
C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped
C:\Windows\System32\config\system Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped
C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000003.regtrans-ms Object is locked skipped
C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000004.regtrans-ms Object is locked skipped
C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped
C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped
C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped
C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped
C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped
C:\Windows\System32\wbem\repository\INDEX.BTR Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING1.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\MAPPING2.MAP Object is locked skipped
C:\Windows\System32\wbem\repository\OBJECTS.DATA Object is locked skipped
C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 Object is locked skipped
C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped
C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Backup.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped
C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped
C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped
C:\Windows\WindowsUpdate.log Object is locked skipped
D:\$RECYCLE.BIN\S-1-5-21-2708822051-1969383407-3736298607-1000\Money.vbs Object is locked skipped
D:\System Volume Information\OP_CACHE.ATR Object is locked skipped
D:\System Volume Information\OP_CACHE.IDX Object is locked skipped
G:\$RECYCLE.BIN\$IBMIBWZ.vbs Object is locked skipped
G:\$RECYCLE.BIN\$RBMIBWZ.vbs Object is locked skipped
G:\$RECYCLE.BIN\Readme.vbs Object is locked skipped
G:\$RECYCLE.BIN\$I7E9vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP803\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP804\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP805\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP806\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP807\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP808\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP809\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP810\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP811\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP812\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP813\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP814\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP815\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP816\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP817\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP818\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP819\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP821\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP824\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP825\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP826\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP828\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP831\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP833\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP834\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\Money.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP756\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP758\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP769\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP770\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP771\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP772\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP776\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP777\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP779\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP782\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP783\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP786\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP787\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP788\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP792\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP793\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP794\Girls.vbs Object is locked skipped
G:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP797\Girls.vbs Object is locked skipped
G:\System Volume Information\Readme.vbs Object is locked skipped
G:\Recycled\Readme.vbs Object is locked skipped
Scan process completed.
pskelley
2008-06-04, 02:09
Thanks for returning your information, looks like you may have issues other that malware. Here is what Kaspersky Online Scan shows:
C:\Program Files\LogMeIn\x86\LogMeIn.dll ------> RemoteAdmin.Win32.RemotelyAnywhere.f skipped
which appears to be this program: https://secure.logmein.com/home.asp?lang=en
and your HijackThis log is clean of malware. Since you did not mention error messages, I will assume you have none, making it even harder to troubleshoot the issue. There is a history of this issue at Google if it helps:
http://www.google.com/search?hl=en&q=Vista+Freezing+at+Random+Intervals+&btnG=Search
Since we remove malware here, I suggest you try a forum dealing with Vista issues, here are two:
http://help.lockergnome.com/vista/
http://thevistaforums.com/
Some information that might help:
http://windowshelp.microsoft.com/windows/en-us/Help/596FB57F-CC9D-4AC5-A813-5C0830E9156A1033.mspx
Thanks
emosamurai
2008-06-04, 02:15
Thank you pskelley. LogMeIn is a program that one of my IT friends installed in case I have any problems that I would like him to look at from where he is.
I will check out those forums and the Google links. Thanks for the help.