
Hey y'all! I am at a friend's house. I admit that I am still very far behind on HJT and doing fixes alone again. Her PC is a newer Dell, and she is running cable internet. Yet... she is running VERY slow and laggy. We've deleted everything that is unnecessary for the programs.

Anyway, let's start with a log!

Logfile of HijackThis v1.99.0

Scan saved at 6:06:42 PM, on 1/17/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

C:\WINDOWS\System32\cisvc.exe

C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

C:\WINDOWS\System32\wuauclt.exe

C:\WINDOWS\System32\cidaemon.exe

C:\WINDOWS\System32\cidaemon.exe

C:\Program Files\Trillian\trillian.exe

D:\HydraIRC\HydraIRC.exe

C:\Documents and Settings\Aaron's Sales\My Documents\SPYWARE PROGRAMS\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [sAClient] "C:\Program Files\Insight\BBClient\Programs\RegCon.exe" /admincheck

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Startup: EWRun.lnk = D:\Install\EWRun.exe

O4 - Global Startup: HPAiODevice(hp officejet 5100 series) - 1.lnk.disabled

O4 - Global Startup: Logitech Desktop Messenger.lnk.disabled

O4 - Global Startup: Microsoft Office.lnk.disabled

O4 - Global Startup: WinZip Quick Pick.lnk.disabled

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O16 - DPF: Aces Up! by pogo - http://game3.pogo.com/applet-6.1.0.39/aces...s-ob-assets.cab

O16 - DPF: Backgammon by pogo - http://gammon.pogo.com/applet-5.9.5.30/bac...n-ob-assets.cab

O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet-6.0.0.32/vid...k-ob-assets.cab

O16 - DPF: Canasta by pogo - http://canasta.pogo.com/applet-6.0.4.37/ca...a-ob-assets.cab

O16 - DPF: Dice Derby by pogo - http://checkeredflag.pogo.com/applet-6.1.0...g-ob-assets.cab

O16 - DPF: Dominoes by pogo - http://domino.pogo.com/applet-5.9.5.30/dom...o-ob-assets.cab

O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet-6.0.2.29/euc...e-ob-assets.cab

O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/applet-6.0.3.35/soli...2-ob-assets.cab

O16 - DPF: Fortune Bingo by pogo - http://superbingo.pogo.com/applet-5.9.5.37...o-ob-assets.cab

O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-6.0.3.35/hea...s-ob-assets.cab

O16 - DPF: High Stakes Poker by pogo - http://game5.pogo.com/applet-6.0.4.37/draw...r-ob-assets.cab

O16 - DPF: High Stakes Pool by pogo - http://game4.pogo.com/applet-6.0.4.37/pool...l-ob-assets.cab

O16 - DPF: Jigsaw Detective by pogo - http://game3.pogo.com/applet-6.0.4.37/jigs...w-ob-assets.cab

O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-6.0.4.37/gin/gin-ob-assets.cab

O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.0.3.35/mahj...g-ob-assets.cab

O16 - DPF: Payday FreeCell by pogo - http://freecell.pogo.com/applet-5.9.5.37/f...l-ob-assets.cab

O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6.0.4.37...l-ob-assets.cab

O16 - DPF: Phlinx by pogo - http://game4.pogo.com/applet-6.0.1.28/flin...r-ob-assets.cab

O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.0.3.28/pino...e-ob-assets.cab

O16 - DPF: Pop Fu by pogo - http://popfu.pogo.com/applet-6.0.4.31/popf...u-ob-assets.cab

O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-5.9.5.30/spa...s-ob-assets.cab

O16 - DPF: Spider Solitaire by pogo - http://game4.pogo.com/applet-6.1.0.39/spid...r-ob-assets.cab

O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet-6.0.4.37...s-ob-assets.cab

O16 - DPF: Sweet Tooth TM by pogo - http://sweettooth.pogo.com/applet-6.0.1.20...h-ob-assets.cab

O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-6.0.4.31/hold...m-ob-assets.cab

O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.0.4.37/peak...s-ob-assets.cab

O16 - DPF: Tumble Bees by pogo - http://jumbee.pogo.com/applet-6.0.2.29/jum...e-ob-assets.cab

O16 - DPF: Turbo 21 TM by pogo - http://game5.pogo.com/applet-5.9.5.30/turb...1-ob-assets.cab

O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0.4.37/...n-ob-assets.cab

O16 - DPF: WordJong by pogo - http://game5.pogo.com/applet-6.0.4.31/word...g-ob-assets.cab

O16 - DPF: World Class Solitaire by pogo - http://game4.pogo.com/applet-6.0.4.37/worl...s-ob-assets.cab

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://usercenter.cox.net/rsuite/sdccommon.../cx_tgctlcm.jsp

O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB

O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/128985-NZIL/PhPSetup.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab

O16 - DPF: {A662DA7E-CCB7-4743-B71A-D817F6D575DF} (Autodesk Express Viewer Control) - http://www.autodesk.com/global/expressview...ViewerSetup.cab

O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/...utocomplete.cab

O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx

O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Multimedia_Interface - Unknown - C:\WINDOWS\System32\ck21\aysshell.exe (file missing)

O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

This topic is now closed to further replies.