Results 1 to 10 of 10

Thread: Very Slow PC performance

  1. #1
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default Very Slow PC performance

    Hi,
    I have read a variety of threads and have followed the "Before You Post" recommendations. I have completed the Spybot scan and fix in safe mode and am now at the point where the I need help. The below log is from an online scan using Kaspersky:
    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Tuesday, February 13, 2007 11:03:46 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.83.0
    Kaspersky Anti-Virus database last update: 13/02/2007
    Kaspersky Anti-Virus database records: 267150
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\
    F:\
    H:\

    Scan Statistics:
    Total number of scanned objects: 149513
    Number of viruses found: 13
    Number of infected objects: 28 / 0
    Number of suspicious objects: 0
    Duration of the scan process: 03:24:44

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\logout.edb Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\Events.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{0E1AACF2-7078-42C7-9864-573AFCF493B3}.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{5BB6DB9A-4D63-49DB-9826-FF2154E6DE0E}.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\Logs\{72F56374-9539-4E1B-8BB0-CDD4651864BA}.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSK\APH.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSK\MSKWMDB.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSK\RBLDB.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\MSK\settingsdb.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12172006-170345.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\atom upload.exe Infected: Trojan.Win32.Inject.au skipped
    C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\lessaudiopile Object is locked skipped
    C:\Documents and Settings\Francesca Wheatley\Local Settings\Temp\hsperfdata_Francesca Wheatley\2612 Object is locked skipped
    C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\07FB382D-AA75-4683-82F4-EAB265A275CB.dat Object is locked skipped
    C:\Documents and Settings\Francesca Wheatley\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
    C:\Documents and Settings\Francesca Wheatley\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Francesca Wheatley\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Guest\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Guest\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSBAR.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
    C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSOESTB.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Documents and Settings\Jason Wheatley\.housecall6.6\Quarantine\MWSSRCAS.DLL.bac_a03888 Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
    C:\Documents and Settings\Jason Wheatley\Application Data\McAfee\MBK\ARBUSFILE.GDB Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Application Data\SiteAdvisor\SiteAdv.csh Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Cookies\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\ApplicationHistory\McAfeeDataBackup.exe.e548c4c.ini.inuse Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{80847A91-408E-4429-83E3-BA8B497FC401} Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\History\History.IE5\MSHist012007021320070214\index.dat Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\fb_2756.lck Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\Perflib_Perfdata_f98.dat Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\~DF3520.tmp Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Jason Wheatley\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps1 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\00000002.ps2 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\00010002.ci Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.fid Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\cicat.hsh Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiCL0001.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP10000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiP20000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiPT0000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSL0001.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiSP0000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiST0000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\CiVP0000.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\INDEX.000 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk1 Object is locked skipped
    C:\Program Files\Dell\Support\UI\Search\catalog.wci\propstor.bk2 Object is locked skipped
    C:\Program Files\FunWebProducts\Installr\2.bin\F3EZSETP.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.e skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWDocMap.pht Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\BWInfopakMap.pht Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chandir.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\chn.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\D0000000.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\inuse.txt Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\L0000032.FCS Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\main.log Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_die.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_dnd.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_ext.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\prs_rcv.idx Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.dat Object is locked skipped
    C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Jason Wheatley\Data\storydb.idx Object is locked skipped
    C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL Infected: not-a-virus:AdWare.Win32.FunWeb.d skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.z skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.f skipped
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.p skipped
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
    C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
    C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
    C:\System Volume Information\catalog.wci\00010004.ci Object is locked skipped
    C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
    C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
    C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
    C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
    C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
    C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP146\A0003493.exe Infected: Trojan.Win32.Inject.au skipped
    C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped
    C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\EventCache\{4C901E65-2A99-4AD9-8354-149B31ABF4A7}.bin Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\f3PSSavr.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
    C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\Temp\fb_1880.lck Object is locked skipped
    C:\WINDOWS\Temp\Perflib_Perfdata_14c.dat Object is locked skipped
    C:\WINDOWS\Temp\sqlite_14YED4ot27hKPiM Object is locked skipped
    C:\WINDOWS\Temp\sqlite_2yr9PDLoqA8LRej Object is locked skipped
    C:\WINDOWS\Temp\sqlite_6ehMUozsG4ise7M Object is locked skipped
    C:\WINDOWS\Temp\sqlite_7ZsIpRnk1MeK73t Object is locked skipped
    C:\WINDOWS\Temp\sqlite_A2pnJMHkcIix75t Object is locked skipped
    C:\WINDOWS\Temp\sqlite_BArCnuysQvddkPY Object is locked skipped
    C:\WINDOWS\Temp\sqlite_BOAUzmcjaQZawgt Object is locked skipped
    C:\WINDOWS\Temp\sqlite_D7aCcieCmwrD40Z Object is locked skipped
    C:\WINDOWS\Temp\sqlite_dLhZV6w7XFmbVOq Object is locked skipped
    C:\WINDOWS\Temp\sqlite_ecRSMsAlQ3Ohi3C Object is locked skipped
    C:\WINDOWS\Temp\sqlite_h5iO9wI3cW77Fec Object is locked skipped
    C:\WINDOWS\Temp\sqlite_hMxvcVy3wq11pkL Object is locked skipped
    C:\WINDOWS\Temp\sqlite_HQJ672iL4iUz9wm Object is locked skipped
    C:\WINDOWS\Temp\sqlite_nyBY0SnHtr2cBic Object is locked skipped
    C:\WINDOWS\Temp\sqlite_P8ldFWURzLlujo7 Object is locked skipped
    C:\WINDOWS\Temp\sqlite_tQWU7BOvyr21n4O Object is locked skipped
    C:\WINDOWS\Temp\sqlite_wrGGhgwkhS7IPkW Object is locked skipped
    C:\WINDOWS\Temp\sqlite_yxNolp6c5T7PU9U Object is locked skipped
    C:\WINDOWS\Temp\sqlite_ZWRzLPo2akqxmzp Object is locked skipped
    C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
    C:\WINDOWS\WIASERVC.LOG Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    C:\WINDOWS\{00000002-00000000-00000000-00001102-00000004-10031102}.CDF Object is locked skipped
    H:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    H:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP149\change.log Object is locked skipped

    Scan process completed.


    Thanks in advance,
    Jason

  2. #2
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default Very Slow PC Performance

    This is the HJT log:
    Logfile of HijackThis v1.99.1
    Scan saved at 12:51:38, on 13/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee\MBK\MBackMonitor.exe
    C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\Program Files\McAfee\MSK\MskAgent.exe
    C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\Sonic Shared\CineTray.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Microsoft Office\Office\1033\msoffice.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SiteAdvisor\6028\SAService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\PROGRA~1\McAfee\MPS\mps.exe
    c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
    C:\Program Files\McAfee\MPS\mpsevh.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\Jason Wheatley\Local Settings\Temp\HijackThis.exe

  3. #3
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default very slow pc performance

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/u...en/default.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dogpile.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1.emirates.net.ae:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll
    O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\Torrent101\TorrentManager.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll

  4. #4
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default

    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
    O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
    O4 - HKLM\..\Run: [bone blue copy jump] C:\Documents and Settings\All Users\Application Data\Ooze Bias Bone Blue\firstboob.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:ENG
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [JUNK WINDOW] C:\DOCUME~1\JASONW~1\APPLIC~1\WAITTO~1\Body Beep.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

  5. #5
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...9/mcinsctl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1123474403843
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/...r/PROFILER.CAB
    O16 - DPF: {A58EA309-CE0A-49C4-A18C-31F77FE681E9} (GetInfo.MainClass) - https://www.bppassport.com/diligent/GetInfo.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://download.games.yahoo.com/game...ploader_v6.cab
    O18 - Protocol: bw+0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {45A0D4B5-5EC8-49FC-9995-58FE61904F80} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: IomegaAccess - Unknown owner - C:\WINDOWS\System32\iomegaaccess.exe (file missing)
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBackMonitor - - C:\Program Files\McAfee\MBK\MBackMonitor.exe
    O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
    O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
    O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
    O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe

  6. #6
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default very slow pc performance

    The specifics of the problem are:
    1. Continual pop-ups when browsing (Poker 888, Adult Date Finder).
    2. Very slow keyboard function when typing in Sbybot (need to repeat type).
    3. Screen holds when moving between open applications.
    Regards,
    wheatley

  7. #7
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default very slow pc performance

    Here is the ComboFix scan for good measure:

    "Jason Wheatley" - 07-02-15 4:26:45 Service Pack 2
    ComboFix 07-02-11 - Running from: "H:\IT"

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\INSTALL.LOG


    ((((((((((((((((((((((((((((((( Files Created from 2007-01-15 to 2007-02-15 ))))))))))))))))))))))))))))))))))


    2007-02-14 10:32 <DIR> d-------- C:\DOCUME~1\FRANCE~1\Application Data\SlySoft
    2007-02-13 12:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Spybot - Search & Destroy
    2007-02-13 09:19 <DIR> d-------- C:\HJT
    2007-02-13 07:24 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
    2007-02-12 10:36 <DIR> d-------- C:\Program Files\WAIT TONS BONE
    2007-02-11 10:37 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Application Data\McAfee
    2007-01-27 22:40 41,160 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AnyDVD.sys
    2007-01-27 22:40 15,440 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ElbyCDIO.sys
    2007-01-27 22:40 11,984 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\RegKill.sys
    2007-01-24 00:01 <DIR> d-------- C:\Program Files\Mozilla Firefox
    2007-01-16 16:03 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Ooze Bias Bone Blue
    2007-01-16 16:02 <DIR> d-------- C:\Program Files\Torrent101
    2007-01-16 16:02 <DIR> d-------- C:\My Downloads
    2007-01-16 16:02 <DIR> d-------- C:\DOCUME~1\JASONW~1\Application Data\WAIT TONS BONE
    2007-01-16 16:02 <DIR> d-------- C:\DOCUME~1\JASONW~1\Application Data\Torrent101


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-02-14 18:23 -------- d-------- C:\Program Files\mcafee
    2007-02-14 18:22 288 --a------ C:\WINDOWS\SYSTEM32\dvcstatebkp-{00000002-00000000-00000000-00001102-00000004-10031102}.dat
    2007-02-14 18:22 288 --a------ C:\WINDOWS\SYSTEM32\dvcstate-{00000002-00000000-00000000-00001102-00000004-10031102}.dat
    2007-02-14 18:21 -------- d-------- C:\Program Files\Common Files\symantec shared
    2007-02-14 07:35 -------- d-------- C:\Program Files\logitech
    2007-02-14 07:09 -------- d--h----- C:\Program Files\installshield installation information
    2007-02-13 12:31 -------- d-------- C:\Program Files\siteadvisor
    2007-02-11 10:51 -------- d-------- C:\DOCUME~1\JASONW~1\Application Data\adobeum
    2007-01-11 20:34 81920 --a------ C:\WINDOWS\SYSTEM32\elbycdio.dll
    2006-12-27 19:12 664 --a------ C:\WINDOWS\SYSTEM32\d3d9caps.dat
    2006-12-27 18:49 -------- d-------- C:\Program Files\itunes
    2006-12-27 18:49 -------- d-------- C:\Program Files\ipod
    2006-12-27 18:47 -------- d-------- C:\Program Files\quicktime
    2006-12-27 18:45 -------- d-------- C:\Program Files\apple software update
    2006-12-24 11:55 -------- d-------- C:\DOCUME~1\JASONW~1\Application Data\u3
    2006-12-21 09:03 -------- d-------- C:\DOCUME~1\JASONW~1\Application Data\siteadvisor
    2006-12-17 17:03 -------- d-------- C:\Program Files\windows defender


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
    "AnyDVD"="C:\\Program Files\\SlySoft\\AnyDVD\\AnyDVD.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "SB Audigy 2 Startup Menu"="/L:ENG"
    "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
    "JUNK WINDOW"="C:\\DOCUME~1\\JASONW~1\\APPLIC~1\\WAITTO~1\\Body Beep.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
    "LVCOMSX"="C:\\WINDOWS\\System32\\LVCOMSX.EXE"
    "LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe"
    "CTHelper"="CTHELPER.EXE"
    "nwiz"="nwiz.exe /install"
    "DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
    "Microsoft Works Update Detection"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
    "CTSysVol"="C:\\Program Files\\Creative\\SBAudigy2\\Surround Mixer\\CTSysVol.exe"
    "CTDVDDet"="C:\\Program Files\\Creative\\SBAudigy2\\DVDAudio\\CTDVDDet.EXE"
    "AsioReg"="REGSVR32.EXE /S CTASIO.DLL"
    "MskAgentexe"="C:\\Program Files\\McAfee\\MSK\\MskAgent.exe"
    "SiteAdvisor"="C:\\Program Files\\SiteAdvisor\\6028\\SiteAdv.exe"
    "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "McAfee Backup"="C:\\Program Files\\McAfee\\MBK\\McAfeeDataBackup.exe"
    "MBkLogOnHook"="C:\\Program Files\\McAfee\\MBK\\LogOnHook.exe"
    "bone blue copy jump"="C:\\Documents and Settings\\All Users\\Application Data\\Ooze Bias Bone Blue\\firstboob.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "NoChange"="1"
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    Source REG_SZ file:///C:/DOCUME~1/JASONW~1/LOCALS~1/Temp/msoclip1/01/clip_image002.gif

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G]
    Shell\AutoRun\command G:\LaunchU3.exe

    [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e68abee0-89b5-11db-8d13-0007e947a061}]
    Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\McDefragTask.job
    C:\WINDOWS\tasks\McQcTask.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job


    ********************************************************************

    catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    McAfee Backup = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe?????????????????????????????????????????????????????????????????????????????????

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-02-15 4:30:56

  8. #8
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default very slow pc performance

    I have removed Torrent101 as it looks like the bad stuff arrived at the same time this was installed. Just need to ge rid of the bad stuff now.
    Cheers.

  9. #9
    Junior Member
    Join Date
    Feb 2007
    Location
    UAE
    Posts
    9

    Default

    I am getting assistance with this problem via another site, please close the thread.
    Thanks



    For future reference:
    If you have waited FOUR days for advice post here.
    Last edited by tashi; 2007-02-19 at 20:11. Reason: Added link

  10. #10
    Security Expert-Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    3,934

    Default

    This topic has been archived.

    If you need it re-opened please send a private message (pm) to a forum staff member and provide a link to the thread; this applies only to the original topic starter.
    MalWare Removal University - You too could train to help others
    UNITE & ASAP member since 2006

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •