
Rizla's problem with computer.

Hi, can anyone help?

Computer (XP2 rev2) going a bit sluggish and constantly locking.

Got rid of a few trojans/viruses and, according to all of my progs, it appears to be clean but is still slow.

Here is my Hijack.log file. Can anyone advise?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:37, on 30/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
G:\AdAware\aawservice.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
E:\Comodo\Firewall\cfp.exe
G:\ThreatFire\TFTray.exe
D:\Roboform\RoboTaskBarIcon.exe
E:\ASQUARED\A-SQUARED ANTI-MALWARE\a2service.exe
G:\Program Files\Stardock\ObjectDock\ObjectDock.exe
G:\Startup Defender\Startup Defender.exe
E:\Comodo\Firewall\cmdagent.exe
G:\ThreatFire\TFService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Utilities\AnVir.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
G:\Hijack\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://by118w.bay118.mail.live.com/mail/mail.aspx?n=1721578409&wa=wsignin1.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Roboform\roboform.dll
O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - D:\PROGRA~1\Linkman\LINKMA~1.DLL
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ThreatFire] G:\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [RoboForm] "D:\Roboform\RoboTaskBarIcon.exe"
O4 - Startup: Stardock ObjectDock.lnk = G:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: Startup Defender.lnk = G:\Startup Defender\Startup Defender.exe
O8 - Extra context menu item: >Search in Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_search.htm
O8 - Extra context menu item: Add to Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_add.htm
O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_edit.htm
O8 - Extra context menu item: Customize Menu - file://D:\Roboform\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://D:\Roboform\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://D:\Roboform\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://D:\Roboform\RoboFormComSavePass.html
O8 - Extra context menu item: Show Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_show.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
O9 - Extra button: Freesoft - {e6be8e97-9343-42bd-9cfd-9e2e74db25d8} - http://freesoft.kljuc.net/ (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} (first direct internet banking plus digital safe) - https://internetbankingplus2.firstdirect.com/ibplus/frontdoorFD.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1218797834562
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,wbsys.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - E:\ASQUARED\A-SQUARED ANTI-MALWARE\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - G:\AdAware\aawservice.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - E:\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ThreatFire - PC Tools - G:\ThreatFire\TFService.exe

--
End of file - 8043 bytes
"Unhappiness is not knowing what we want, and killing ourselves to get it."
Post Count: 4,111 Thanked 3,111 Times in 1,111 Posts (Actual figures as they once were))
Women and cats will do as they please, and men and dogs should relax and get used to the idea.

Comments

  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    You have a load of start-up security programs, but no ACTUAL anti-virus program.
    I'd recommend shutting down (meaning stopping from starting with Windows) ~
    a-squared, ThreatFire, Ad-Aware and 'Startup Defender'

    'Object dock' could easily be causing problems

    Using HijackThis, FIX the following ~
    O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
    O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - D:\PROGRA~1\Linkman\LINKMA~1.DLL
    O8 - Extra context menu item: >Search in Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_search.htm
    O8 - Extra context menu item: Show Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_show.htm
    O9 - Extra button: Freesoft - {e6be8e97-9343-42bd-9cfd-9e2e74db25d8} - http://freesoft.kljuc.net/ (file missing)

    Download the AVIRA anti-virus program ~
    http://www.free-av.com/
    (which WILL be starting up, as it's the main AV program)
    Reboot

    Download MALWAREBYTES
    http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
    UPDATE and FULL scan
    Post the log here AFTER it's deleted anything it needs to

    Reboot
    Do another HIJACK log
    :idea:
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    After it's clean you need to go to WINDOWS UPDATE and install SERVICE PACK 3
  • rizla01
    rizla01 Posts: 7,260 Forumite
    Ok. Here is my Logfile.

    Also, iolo has since been uninstalled but is still showing. IE7 & Firefox are pretty sluggish but a bit better on page load/refresh.

    Haven't updated to Service Pack 3 yet, but I must say I had a few conflicts when I had it installed before. Is this going to help a lot?

    Anyways, how does this look?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:03:15, on 30/12/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    E:\Comodo\Firewall\cfp.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    E:\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    G:\Hijack\HijackThis.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://by118w.bay118.mail.live.com/mail/mail.aspx?n=1721578409&wa=wsignin1.0
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Roboform\roboform.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Comodo\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O8 - Extra context menu item: Add to Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_add.htm
    O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_edit.htm
    O8 - Extra context menu item: Customize Menu - file://D:\Roboform\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - file://D:\Roboform\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://D:\Roboform\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} (first direct internet banking plus digital safe) - https://internetbankingplus2.firstdirect.com/ibplus/frontdoorFD.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1218797834562
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,wbsys.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - E:\Comodo\Firewall\cmdagent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    THIS is the result of the Malware program (Condensed)

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Terry\Local Settings\Temporary Internet Files\Content.IE5\TQSAQ6S2\showMessage[2].htm
    [DETECTION] Contains recognition pattern of the HTML/Spoofing.Gen HTML script virus
    [NOTE] The file was deleted!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <Backup>
    D:\System Volume Information\_restore{0A3CB4E6-B35E-4F11-BAED-48E4398BD999}\RP251\A0043441.exe
    [DETECTION] Is the TR/Trash.Gen Trojan
    [NOTE] The file was deleted!
    Begin scan in 'E:\'
    Begin scan in 'F:\'
    F:\DemoCreator\links.dll
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE] The file was deleted!
    F:\System Volume Information\_restore{0A3CB4E6-B35E-4F11-BAED-48E4398BD999}\RP252\A0043469.dll
    [DETECTION] Is the TR/Dropper.Gen Trojan
    [NOTE] The file was deleted!
    F:\Tools\System Mechanic Professional 6\Undo\Manual\{DBA26511-2DD2-43E6-B33D-8FC78B2990D1}\{336BA4FE-D300-47D3-AAFE-955B39814EAA}.htm
    [0] Archive type: ZIP
    --> {336BA4FE-D300-47D3-AAFE-955B39814EAA}.htm
    [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
    [NOTE] The file was deleted!
    Begin scan in 'G:\'
    Begin scan in 'H:\'
    H:\4df6ef2fe6778bd07d94869294ee\update\update.exe
    [WARNING] The file could not be opened!
    H:\4df6ef2fe6778bd07d94869294ee\update\wpdinstallutil.dll
    [WARNING] The file could not be opened!
    H:\7735f94f3da5a06c1fcb2aad9c1a943d\update\update.exe
    [WARNING] The file could not be opened!
    H:\7735f94f3da5a06c1fcb2aad9c1a943d\update\updspapi.dll
    [WARNING] The file could not be opened!
    Begin scan in 'I:\'
    Begin scan in 'J:\' <Art>
    Begin scan in 'K:\'
    Begin scan in 'L:\'
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{8AC7E415-B5E7-420D-9DE3-C563C248141E}\{474708B9-B9D0-455F-843E-87F2AA3F4C5E}.html
    [0] Archive type: ZIP
    --> {474708B9-B9D0-455F-843E-87F2AA3F4C5E}.html
    [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{0D40FED1-A149-4B76-AD46-AB00FA7FD16D}.htm
    [0] Archive type: ZIP
    --> {0D40FED1-A149-4B76-AD46-AB00FA7FD16D}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{1CE7793B-6514-4255-B298-2A49EC6FA7DE}.htm
    [0] Archive type: ZIP
    --> {1CE7793B-6514-4255-B298-2A49EC6FA7DE}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{46926E5D-B29E-4467-84B0-F47891FB11BA}.htm
    [0] Archive type: ZIP
    --> {46926E5D-B29E-4467-84B0-F47891FB11BA}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{7F89419B-E5A8-407D-B5BA-EFA073C86AC5}.htm
    [0] Archive type: ZIP
    --> {7F89419B-E5A8-407D-B5BA-EFA073C86AC5}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{80E91D09-9BD0-4D28-8291-12E622468F78}.htm
    [0] Archive type: ZIP
    --> {80E91D09-9BD0-4D28-8291-12E622468F78}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{EA4C58A7-54BB-438D-A911-07BEC939CBB1}.htm
    [0] Archive type: ZIP
    --> {EA4C58A7-54BB-438D-A911-07BEC939CBB1}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{C1175F3D-A5D4-4325-8360-760C415DFFCD}\{FFA217BD-9A0A-40C8-9858-DFD147959803}.htm
    [0] Archive type: ZIP
    --> {FFA217BD-9A0A-40C8-9858-DFD147959803}.htm
    [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus
    [NOTE] The file was deleted!
    L:\Tools\System Mechanic Professional 6\Undo\Manual\{DBA26511-2DD2-43E6-B33D-8FC78B2990D1}\{336BA4FE-D300-47D3-AAFE-955B39814EAA}.htm
    [0] Archive type: ZIP
    --> {336BA4FE-D300-47D3-AAFE-955B39814EAA}.htm
    [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus
    [NOTE] The file was deleted!
    Begin scan in 'M:\'
    Begin scan in 'N:\'

    End of the scan: 30 December 2008 18:57
    Used time: 1:20:01 Hour(s)
    The scan has been done completely.
    11583 Scanning directories
    677519 Files were scanned
    14 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    14 files were deleted
    0 files were repaired
    0 files were moved to quarantine
    0 files were renamed
    6 Files cannot be scanned
    677499 Files not concerned
    80738 Archives were scanned
    7 Warnings
    14 Notes

    I take it that it is better to delete offending files rather than quarantine?
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Ok

    Looks like you installed a program called 'System Mechanic Professional 6' at some point? If it's still on there then uninstall it (if possible).
    Service Pack 3 is full of Microsoft security updates. Without it you're wide open to certain attacks through Windows. What problems were you having?

    Download CCLEANER
    http://www.filehippo.com/download_ccleaner/
    Run the top 2 scans (back up when it asks on the 2nd one)
    You can even go to TOOLS and uninstall the Mechanic program from there (if it exists)

    The HijackThis log looks clean, but did you run it AFTER a reboot? It's just that it shows Panda, Trend Micro and ESET scanners in the log. I'm confused as to whether anything's running, as if so, they may be conflicting.
    If you're unsure, can you make SURE you do a reboot and do a HijackThis log before anything else please?

    Update and do a full scan with Avira and ThreatFire. Let me know if they find anything. If not, then the sluggish net is probably something to do with your actual connection.
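A small triage script for the HijackThis logs posted in this thread, written for this page rather than taken from HijackThis or the posters: it flags the orphaned O2/O3/O9 entries of the kind aliEnRIK listed for fixing and the empty O16 record, and lists the O16 download hosts and "Unknown owner" O23 services that the follow-up reply questions. The sample log is constructed from a few lines of the same shape, with the user's start page replaced by a placeholder.

```python
"""Triage helper for HijackThis v2.0.2 logs.

Added example for this thread; not HijackThis's own code. It pulls out the
R*/O* finding lines and sorts them into the buckets a reviewer checks first:
registrations whose backing file is gone, O16 DPF records with no URL, the
hosts the remaining O16 ActiveX controls were downloaded from (online scanners
such as Trend Micro and Panda appear here), and services with no vendor name.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Every finding line is "<section> - <body>", e.g. "O4 - HKLM\..\Run: [x] C:\x.exe".
ENTRY_RE = re.compile(r"^(?P<section>R\d|O\d+|F\d)\s+-\s+(?P<body>.*)$")

# Constructed sample in the shape of the logs above (start page is a placeholder).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
E:\Comodo\Firewall\cfp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://example.invalid/
O2 - BHO: (no name) - Disabled:{AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Roboform\roboform.dll
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Comodo\Firewall\cfp.exe" -h
O9 - Extra button: Freesoft - {e6be8e97-9343-42bd-9cfd-9e2e74db25d8} - http://freesoft.kljuc.net/ (file missing)
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,wbsys.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - E:\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
"""


@dataclass
class Triage:
    orphaned: list = field(default_factory=list)          # O2/O3/O9 with no backing file
    empty_dpf: list = field(default_factory=list)         # O16 record with no download URL
    downloaded_controls: list = field(default_factory=list)  # URLs of the O16 DPF controls
    unknown_owner_services: list = field(default_factory=list)  # O23 with no vendor name


def parse_log(text: str) -> list:
    """Return (section, body, line) for each finding line; header and process list are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group("section"), m.group("body"), line))
    return entries


def triage(entries: list) -> Triage:
    """Sort finding lines into the buckets a reviewer looks at first."""
    t = Triage()
    for section, body, line in entries:
        if section in ("O2", "O3", "O9") and ("(no file)" in body or "(file missing)" in body):
            # Leftover BHO/toolbar/button registration: nothing loads from it, and it
            # is exactly what HijackThis "Fix checked" removes.
            t.orphaned.append(line)
        elif section == "O16":
            # "DPF: [{CLSID}] [(Name)] - <url>"; a record ending in a bare "-" has no URL.
            rest = body.split("DPF:", 1)[-1].strip()
            if rest.endswith("-"):
                t.empty_dpf.append(line)
            else:
                t.downloaded_controls.append(rest.rsplit(" - ", 1)[-1])
        elif section == "O23" and "Unknown owner" in body:
            t.unknown_owner_services.append(line)
    return t


def control_hosts(t: Triage) -> list:
    """Distinct hosts the O16 controls were downloaded from, sorted."""
    hosts = {urlparse(url).hostname for url in t.downloaded_controls}
    return sorted(h for h in hosts if h)


if __name__ == "__main__":
    result = triage(parse_log(SAMPLE_LOG))
    print("Candidates for Fix checked:")
    for line in result.orphaned + result.empty_dpf:
        print("  " + line)
    print("O16 download hosts:", ", ".join(control_hosts(result)))
    print("Services with no vendor name:", len(result.unknown_owner_services))
```

Feed it a real log by replacing SAMPLE_LOG with the file contents; entries it does not bucket (O4 Run keys, O20 AppInit_DLLs) still need reading by hand.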
  • rizla01
    rizla01 Posts: 7,260 Forumite
    Hi Alien.
    Thanks for your time & advice.

    I ran Crap Cleaner and rebooted and then ran HijackThis to obtain this.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:59:02, on 31/12/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    E:\Comodo\Firewall\cfp.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    E:\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    G:\Hijack\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://by118w.bay118.mail.live.com/mail/mail.aspx?n=1721578409&wa=wsignin1.0
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Roboform\roboform.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Comodo\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O8 - Extra context menu item: Add to Linkman - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_add.htm
    O8 - Extra context menu item: Add to Linkman and Edit - file://C:\Documents and Settings\Terry\My Documents\Linkman\iescript_edit.htm
    O8 - Extra context menu item: Customize Menu - file://D:\Roboform\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - file://D:\Roboform\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - file://D:\Roboform\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Roboform\RoboFormComFillForms.html
    O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Roboform\RoboFormComSavePass.html
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Roboform\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O16 - DPF: {0A43D7AC-D6C1-4622-B309-BF975F427C0E} (first direct internet banking plus digital safe) - https://internetbankingplus2.firstdirect.com/ibplus/frontdoorFD.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1218797834562
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
    O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll,wbsys.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - E:\Comodo\Firewall\cmdagent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 6645 bytes

    Just thought I'd let you look to make sure, but the ol' jalopy is now flying instead of limping.

    Thanks again, and let's hope Avira keeps it that way.

    If nothing else at least it made me clear my desktop. :)
  • GunJack
    GunJack Posts: 11,864 Forumite
    I'd make sure you get SP3, though; it helps plug more security holes and helps prevent nasties in the first place ;)
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    As GunJack says, make sure you update to Service Pack 3 :)
  • rizla01
    rizla01 Posts: 7,260 Forumite
    Ok. Will do.

    I have had a few probs over the time (3 yrs) that I have had this machine, and even after a couple of complete re-installs it has never gone faster than it does now.

    Service pack 3 here I come.
  • GunJack
    GunJack Posts: 11,864 Forumite
    nice one, glad to see a result :D