[Resolved?] running slow

Discussion in 'Malware and Virus Removal Archive' started by boggie, 2008/12/18.

  1. 2008/12/18
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    I am running XP SP2; for two weeks it has been getting slower and I have done a lot of scans but no fix as of yet, so I am asking if someone could help :)
     
  2. 2008/12/18
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Hi,

    Read this post as indicated at the top of this forum & follow the instructions.
     
    Arie,
    #2

  4. 2008/12/18
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:59:59 AM, on 12/18/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\netdde.exe
    C:\WINDOWS\system32\clipsrv.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ManyCam 2.3\ManyCam.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Yahoo!\browser\ybrowser.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe "
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe "
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - http://www.00110.net/tj2007/00110.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

    --
    End of file - 8775 bytes
     
  5. 2008/12/18
    Centurion

    Centurion Inactive

    Joined:
    2007/01/23
    Messages:
    69
    Likes Received:
    1
    First of all, how much RAM do you have? When was your last defrag?
     
  6. 2008/12/18
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    re: centurion

    Sorry, I had to leave for a while. Thanks for your response. I have 512 RAM and defrag was done on 12/17/2008. This has been going on for about 2 weeks and now it is affecting my media players, stopping them and skipping and such. If you need more info I will try to give it. Thanks.
     
  7. 2008/12/18
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Sounds more like a resource problem than a malware problem, but just to be sure let's wait for a malware expert to "sign off" on it :D
     
    Arie,
    #6
  8. 2008/12/18
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Thanks. I was not sure about this problem; I have never had this happen before. It happened all of a sudden. Thanks again.
     
  9. 2008/12/19
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    We need more than just a HijackThis log to begin any sort of analysis. Please download DDS and save it to your desktop.
    • Disable any script blocking protection
    • Double click dds.scr to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.

    Please include the contents of both logs in your next reply. The scan will instruct you to post the attach log as an attachment. No need for that though ..... just post it as you would any other log.
     
  10. 2008/12/19
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Deckard's System Scanner v20071014.68
    Run by tom on 2008-12-19 06:45:31
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    Total Physical Memory: 511 MiB (512 MiB recommended).


    -- HijackThis (run as tom.exe) -------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:47:11 AM, on 12/19/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\netdde.exe
    C:\WINDOWS\system32\clipsrv.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ManyCam 2.3\ManyCam.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Yahoo!\browser\ybrowser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\tom\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\tom.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../sbcydsl/*http://www.yahoo.com/search/ie.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
    O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe "
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe "
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\common\yiesrvc.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
    O16 - DPF: {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - http://www.00110.net/tj2007/00110.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

    --
    End of file - 8854 bytes

    -- Files created between 2008-11-19 and 2008-12-19 -----------------------------

    2008-12-18 06:58:16 0 d-------- C:\rsit
    2008-12-17 19:27:13 0 d-------- C:\Documents and Settings\sharon jones\Application Data\Malwarebytes
    2008-12-17 19:27:05 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-17 19:27:05 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-17 13:03:00 0 d-------- C:\Program Files\Java
    2008-12-17 08:42:27 0 dr-h----- C:\Documents and Settings\sharon jones\Recent
    2008-12-16 14:44:19 0 d-------- C:\Program Files\Windows Media Components
    2008-12-16 13:04:14 0 d-------- C:\WINDOWS\Logs
    2008-12-15 20:28:18 0 dr-h----- C:\Documents and Settings\tom\Recent
    2008-12-15 15:33:00 0 d-------- C:\ATI
    2008-12-14 15:45:51 0 d-------- C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
    2008-12-07 08:11:31 0 d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-12-07 08:11:26 0 d-------- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
    2008-12-07 08:11:26 0 d-------- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
    2008-11-23 20:13:09 0 d-------- C:\Documents and Settings\sharon jones\Application Data\Leadertech


    -- Find3M Report ---------------------------------------------------------------

    2008-12-19 06:45:50 0 d-------- C:\Documents and Settings\tom\Application Data\alot
    2008-12-16 16:06:19 0 d-------- C:\Program Files\Camstreams Media Encoder
    2008-12-16 14:07:21 0 d-------- C:\Program Files\SoundSpectrum
    2008-12-15 14:18:47 0 d-------- C:\Program Files\Logitech
    2008-12-15 14:15:01 0 d-a------ C:\Program Files\Common Files
    2008-12-07 08:11:28 0 d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-12-06 13:52:52 0 d-------- C:\Program Files\ManyCam 2.3
    2008-12-06 13:05:23 0 d-------- C:\Program Files\Common Files\LogiShrd
    2008-11-02 20:53:23 0 d-------- C:\Documents and Settings\tom\Application Data\com.uplayme.airclient.9B472EFF9A3BAE26509EDFEDD3D8214233BACDB1.1
    2008-11-02 20:53:21 0 d-------- C:\Documents and Settings\tom\Application Data\Adobe
    2008-11-02 20:51:26 0 d-------- C:\Program Files\alot
    2008-11-02 11:40:35 0 d-------- C:\Program Files\DivX
    2008-10-26 07:28:59 0 d-------- C:\Program Files\Messenger


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
    07/17/2008 12:28 PM 675624 --a------ C:\Program Files\alot\bin\alot.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    12/17/2008 01:03 PM 34816 --a------ C:\Program Files\Java\jre6\bin\jp2ssv.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    12/17/2008 01:03 PM 73728 --a------ C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SweetIM "= "C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [01/02/2008 08:15 PM]
    "Microsoft Works Update Detection "= "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [08/16/2001 10:41 PM]
    "YOP "= "C:\PROGRA~1\Yahoo!\YOP\yop.exe" [10/26/2007 02:42 PM]
    "YBrowser "= "C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [07/21/2006 03:19 PM]
    "avast! "= "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [11/26/2008 11:18 AM]
    "LogitechCommunicationsManager "= "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [08/14/2008 04:11 PM]
    "LogitechQuickCamRibbon "= "C:\Program Files\Logitech\QuickCam\Quickcam.exe" [08/14/2008 04:15 PM]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre6\bin\jusched.exe" [12/17/2008 01:03 PM]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
    "SweetIM "= "C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [01/02/2008 08:15 PM]
    "ManyCam "= "C:\Program Files\ManyCam 2.3\ManyCam.exe" [08/08/2008 05:02 AM]
    "SpybotSD TeaTimer "= "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [05/31/2005 01:04 AM]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools "=0 (0x0)
    "HideLegacyLogonScripts "=0 (0x0)
    "HideLogoffScripts "=0 (0x0)
    "RunLogonScriptSync "=1 (0x1)
    "RunStartupScriptSync "=1 (0x1)
    "HideStartupScripts "=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "HideLegacyLogonScripts "=0 (0x0)
    "HideLogoffScripts "=0 (0x0)
    "RunLogonScriptSync "=1 (0x1)
    "RunStartupScriptSync "=1 (0x1)
    "HideStartupScripts "=0 (0x0)
    "DisableRegistryTools "=0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    @=

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @= "Volume shadow copy "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk.disabled
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk.disabledCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk.disabled]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk.disabled
    backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnk.disabledCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk.disabled]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk.disabled
    backup=C:\WINDOWS\pss\AT&T Self Support Tool.lnk.disabledCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk.disabled]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk.disabled
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnk.disabledCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
    backup=C:\WINDOWS\pss\Microsoft Works Calendar Reminders.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^sharon jones^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\sharon jones\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
    "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIAGENT]
    C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "C:\Program Files\Messenger\msmsgs.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMC_AutoUpdate]


    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
    C:\Program Files\Microsoft Works\wkfud.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Microsoft Works Update Detection "=C:\Program Files\Microsoft Works\WkDetect.exe
    "IpWins "=C:\Program Files\Ipwindows\ipwins.exe
    "BitTorrent "= "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    "Yahoo! Pager "=~ "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "UpdReg"=C:\WINDOWS\Updreg.exe
    "Motive SmartBridge"=C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    "YBrowser"=C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    "LXSUPMON"=C:\WINDOWS\System32\LXSUPMON.EXE RUN
    "SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_13\bin\jusched.exe"
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "WinampAgent"=C:\Program Files\Winamp\winampa.exe
    "Microsoft Works Portfolio"=C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    "MoneyStartUp10.0"="C:\Program Files\Microsoft Money\System\Activation.exe"
    "MimBoot"=C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
    "DIAGENT"=C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "AHQInit"=C:\Program Files\Creative\SBLive\Program\AHQInit.exe




    -- End of Deckard's System Scanner: finished at 2008-12-19 06:51:07 ------------
     
  11. 2008/12/19
    m3ow

    m3ow Inactive

    Joined:
    2008/12/17
    Messages:
    94
    Likes Received:
    0
    My advice,

    Download "Disk Cleanup", run this in safe mode only while anti virus is off!
    -This will wipe out all your temp files and even the hidden ones.

    Download "Disk Defrag" or "Smart Defrag", run this anywhere? make it in safe mode better la.
    -Windows defrag is considered very bad compared to those downloadable applications. Use it!


    Asking you to do these 2 steps because your computer might be slow when you did not clean up the PC properly.

    LAST ADVICE.... open up your PC and clean all the dust out. Do turn the power off and unplug before you start doing it.

    btw.. the pc clean up first :)
     
  12. 2008/12/21
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Sorry for the delay boggie.

    First, why did you run Deckard's System Scanner? My instructions above were to run a tool named DDS, and a link was provided. :confused:

    Deckard's has been removed from public recommendation due to conflict with a prevalent infection that could render your machine unbootable. I recommend you delete DSS.exe and the C:\Deckard folder.

    You noted the slowdown has occurred in the last 2 weeks, and looking at your log it appears to be about the time you installed ManyCam 2.3 ..... does that sound about right? If so, I recommend you uninstall it and see if it makes a difference. I also recommend you uninstall the Alot Toolbar - it is known adware.
     
  13. 2008/12/22
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Sorry for my delay. I have deleted the programs per your instructions. I am sending both logs per your request. I appreciate your continued assistance.

    DDS (Version 1.1.0) - NTFSx86
    Run by sharon jones at 16:32:30.82 on Mon 12/22/2008
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.207 [GMT -6:00]

    AV: avast! antivirus 4.8.1296 [VPS 081221-0] *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\netdde.exe
    C:\WINDOWS\system32\clipsrv.exe
    C:\WINDOWS\System32\CTsvcCDA.EXE
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\PROGRA~1\Yahoo!\YOP\yop.exe
    C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Camstreams Media Encoder\Bin\CamstreamsEncoder.exe
    C:\Program Files\Yahoo!\browser\ybrowser.exe
    C:\Documents and Settings\sharon jones\My Documents\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://att.yahoo.com/
    uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    uWindow Title =
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
    mWindow Title =
    uInternet Settings,ProxyServer = localhost:8080
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    uURLSearchHooks: SweetIM For Internet Explorer: {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - c:\program files\macrogaming\sweetimbarforie\toolbar.dll
    uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: SWEETIE Class: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll
    BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SidebarAutoLaunch Class: {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: SweetIM For Internet Explorer: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - c:\program files\macrogaming\sweetimbarforie\toolbar.dll
    uRun: [Yahoo! Pager] ~ "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
    mRun: [YOP] c:\progra~1\yahoo!\yop\yop.exe /autostart
    mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Adobe Reader Speed Launch.lnk.disabled
    StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Adobe Reader Synchronizer.lnk.disabled
    mPolicies-system: RunStartupScriptSync = 1 (0x1)
    IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll
    IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
    IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA}
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2008-12-19 06:54 <DIR> --d----- c:\windows\system32\CatRoot_bak
    2008-12-17 19:27 <DIR> --d----- c:\docume~1\sharon~1\applic~1\Malwarebytes
    2008-12-17 19:27 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2008-12-17 19:27 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2008-12-17 19:27 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2008-12-17 19:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2008-12-17 13:03 73,728 a------- c:\windows\system32\javacpl.cpl
    2008-12-16 14:44 <DIR> --d----- c:\program files\Windows Media Components
    2008-12-16 13:04 <DIR> --d----- c:\windows\Logs
    2008-12-15 15:33 <DIR> --d----- C:\ATI
    2008-12-15 06:29 1,920,054 a---h--- c:\windows\system32\toyhide.bmp
    2008-12-14 15:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WhiteCap (Holiday Edition)
    2008-12-14 03:02 102 a------- c:\windows\CTRec.INI
    2008-12-10 10:26 410,984 a------- c:\windows\system32\deploytk.dll
    2008-12-07 08:11 <DIR> --d----- c:\program files\SDHelper (Spybot - Search & Destroy)
    2008-12-07 08:11 <DIR> --d----- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
    2008-12-07 08:11 <DIR> --d----- c:\program files\File Scanner Library (Spybot - Search & Destroy)
    2008-12-06 13:05 13,848 a----r-- c:\windows\system32\drivers\lv302af.sys
    2008-12-06 13:05 1,278,104 a----r-- c:\windows\system32\drivers\LV302V32.SYS
    2008-12-06 13:05 490,008 a----r-- c:\windows\system32\LVUI2.dll
    2008-12-06 13:05 465,432 a----r-- c:\windows\system32\LVUI2RC.dll
    2008-12-06 13:05 416,280 a----r-- c:\windows\system32\lvcodec2.dll
    2008-12-06 13:05 195,096 a----r-- c:\windows\system32\lvci1110.dll
    2008-12-06 13:05 58,163 a----r-- c:\windows\system32\lvcoinst.ini
    2008-12-06 13:05 41,752 a----r-- c:\windows\system32\drivers\LVUSBSta.sys
    2008-12-06 13:05 19,344 a----r-- c:\windows\system32\Repository.reg

    ==================== Find3M ====================

    2008-12-18 04:03 164,604 a------- c:\windows\pchealth\helpctr\config\cache\Personal_32_1033.dat
    2008-10-27 10:04 514,384 a------- c:\windows\system32\XAudio2_3.dll
    2008-10-27 10:04 235,856 a------- c:\windows\system32\xactengine3_3.dll
    2008-10-27 10:04 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
    2008-10-27 10:04 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
    2008-10-24 05:10 453,632 a------- c:\windows\system32\drivers\mrxsmb.sys
    2008-10-23 07:01 283,648 a------- c:\windows\system32\gdi32.dll
    2008-10-16 14:38 826,368 a------- c:\windows\system32\wininet.dll
    2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
    2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
    2008-10-10 04:52 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
    2008-10-10 04:52 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
    2008-10-10 04:52 452,440 a------- c:\windows\system32\d3dx10_40.dll
    2008-10-03 04:15 247,326 a------- c:\windows\system32\strmdll.dll

    ============= FINISH: 16:35:42.82 ===============
     
  14. 2008/12/22
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Version 1.0)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/20/2007 8:26:19 PM
    System Uptime: 12/22/2008 5:13:50 AM (11 hours ago)

    Motherboard: Intel Corporation | | D845EPT2
    Processor: Intel(R) Pentium(R) 4 CPU 2.00GHz | X1 | 1993/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 37 GiB total, 15.33 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP511: 12/15/2008 7:50:59 PM - Removed Windows Media Encoder 9 Series
    RP512: 12/15/2008 7:53:21 PM - Removed Microsoft® Winter Fun Pack 2004 for Windows® XP
    RP513: 12/15/2008 9:55:50 PM - Software Distribution Service 3.0
    RP514: 12/16/2008 1:07:07 PM - Installed DirectX
    RP515: 12/16/2008 1:37:01 PM - Installed Windows XP Creativity Fun Packs - Player Visualizations
    RP516: 12/16/2008 2:44:17 PM - Installed Windows Media Encoder 9 Series
    RP517: 12/16/2008 4:05:53 PM - Installed Windows Media Format 9 Series Runtime Setup
    RP518: 12/17/2008 8:13:54 AM - Software Distribution Service 3.0
    RP519: 12/17/2008 8:19:17 AM - Software Distribution Service 3.0
    RP520: 12/17/2008 1:02:58 PM - Installed Java(TM) 6 Update 11
    RP521: 12/17/2008 8:49:11 PM - Software Distribution Service 3.0
    RP522: 12/18/2008 4:20:19 AM - December 1 2008
    RP523: 12/18/2008 4:21:24 AM - Restore Operation
    RP524: 12/18/2008 4:54:07 AM - Restore Operation
    RP525: 12/19/2008 8:18:53 AM - System Checkpoint
    RP526: 12/19/2008 8:27:11 AM - Software Distribution Service 3.0
    RP527: 12/20/2008 11:48:50 AM - System Checkpoint
    RP528: 12/21/2008 3:17:17 PM - System Checkpoint

    ==== Installed Programs ======================


    2Wire Wireless Client
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.1.1
    Adobe Shockwave Player
    AT&T Self Support Tool
    AT&T Yahoo! Applications
    ATI Display Driver
    AutoUpdate
    avast! Antivirus
    Camstreams Media Encoder
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DC_DV 6 for ZoomBrowser EX
    Canon Camera Window MC 6 for ZoomBrowser EX
    Canon G.726 WMP-Decoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon RemoteCapture Task for ZoomBrowser EX
    Canon Utilities PhotoStitch
    Canon Utilities ZoomBrowser EX
    CCleaner (remove only)
    Dell Digital Jukebox Driver
    Dell ResourceCD
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    Easy CD Creator 5 Basic
    G-Force
    getPlus(R)_ocx
    Google Toolbar for Internet Explorer
    HijackThis 2.0.2
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB952287)
    Java(TM) 6 Update 11
    Lexmark Supplies Monitor
    Lexmark Z45
    LimeWire 4.16.3
    Logitech QuickCam
    Logitech® Camera Driver
    Macrogaming SweetIM 2.1
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Picture It! Photo 2002
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Word 2002
    Microsoft Works 2002 Setup Launcher
    Microsoft Works 6.0
    Microsoft Works Suite Add-in for Microsoft Word
    Musicmatch® Jukebox
    MVision
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901190)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB921883)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Shockwave
    Sound Blaster Live! Value
    Spybot - Search & Destroy 1.4
    Sure Delete 5.1.1
    SweetIM For Internet Explorer 3.0b
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB955839)
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Encoder 9 Series
    Windows Media Format Runtime
    Windows XP Creativity Fun Packs - Player Visualizations
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Service Pack 2
    Works Suite OS Pack
    Works Synchronization
    Yahoo! Search Protection
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    12/15/2008 8:08:30 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

    ==== End Of File ===========================
     
  15. 2008/12/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi boggie,

    Your log appears to be free of malware. You did not respond to my question about Many Cam, and I do not see it in the new logs. Have you uninstalled it now? Is there any change in behavior?
     
  16. 2008/12/22
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Yes Noahdfear, it changed, thanks, appreciate you much. Have a Merry Christmas.
     
  17. 2008/12/22
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I can only surmise that things are normal again. :confused:

    Happy holidays to you as well. :)
     
  18. 2008/12/23
    boggie

    boggie Inactive Thread Starter

    Joined:
    2008/04/12
    Messages:
    55
    Likes Received:
    0
    Thanks again Noahdfear. It seems to be running well for now, and yes, Many Cam and Alot are gone, so it is smoother running. I want to say thanks for your advice and help. If it starts to act strange I will post again :)
     
  19. 2008/12/23
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    You're very welcome. :)
     
