11-18-2008, 12:47 AM   #13
seal123
Registered User
 
Join Date: Nov 2008
Posts: 29
OS: XP Pro SP2


Re: Slow to respond to clicks, disconnects from dialup, lot of programs not respondin

Thanks again, Angelfire.
LimeWire was on this machine previously, but I told my teenage sons to get it off and not to use it again. I have not seen it since, on the desktop or in the programs list. I have just gone to Control Panel and cannot find it. I will interrogate them again, but I cannot see it.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, November 18, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, November 17, 2008 08:37:04
Records in database: 1389451
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Files scanned: 69438
Threat name: 3
Infected objects: 4
Suspicious objects: 0
Duration of the scan: 01:41:53


File name / Threat name / Threats count
C:\Documents and Settings\Deb\Desktop\Ria's MP3 Player\freeripmp3.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.br 1
C:\Documents and Settings\Deb\Shared\programs\calorie king nutrition manager ShareAccelerator.zip Infected: not-a-virus:AdWare.Win32.Shopper.am 1
C:\Documents and Settings\Deb\Shared\programs\LimeWire Pro 4.9.7 With LimeWire Download Accelerator Pro - By -kbssa-.zip Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\Deb\Shared\programsbrett\LimeWire Download Accelerator Pro - By -kbssa-.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1

The selected area was scanned.





DDS (Version 1.0) - NTFSx86
Run by Deb at 16:55:40.02 on Tue 18/11/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.553 [GMT 10:00]

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Deb\Desktop\Malware detection\dds.scr

============== Psuedo HJT Report ===============

uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - c:\program files\spywareguard\dlprotect.dll
BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [COMODO Firewall Pro] "c:\program files\comodo\firewall\cfp.exe" -h
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [MAAgent] c:\program files\markany\contentsafer\MAAgent.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\firewall\cfp.exe" -h
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\docume~1\deb\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\deb\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
TrustedZone: www.linkshare.com
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office11\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent -Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {81559C35-8464-49F7-BB0E-07A383BEF910} - c:\program files\spywareguard\spywareguard.dll
SEH: {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\progra~1\markany\conten~1\MACSMA~1.DLL

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys
R2 ScFBPNT;CanoScan FBP Port Driver;\??\c:\windows\system32\drivers\ScFBPNT.SYS
S3 firewall;firewall;\??\c:\program files\foxie suite\firewall.sys
S3 JL2005;JL2005A Toy Camera;c:\windows\system32\drivers\toywdm.sys
S3 SetupNTGLM7X;SetupNTGLM7X;\??\D:\NTGLM7X.sys

=============== Created Last 30 ================

2008-11-17 14:53 410,976 a------- c:\windows\system32\deploytk.dll
2008-11-17 14:53 73,728 a------- c:\windows\system32\javacpl.cpl
2008-11-16 11:32 <DIR> --d----- c:\program files\Lavasoft
2008-11-14 21:20 <DIR> a-dshr-- C:\cmdcons
2008-11-14 16:57 161,792 a------- c:\windows\SWREG.exe
2008-11-14 16:57 98,816 a------- c:\windows\sed.exe
2008-11-09 13:11 <DIR> --d----- c:\docume~1\deb\applic~1\Free Download Manager
2008-11-09 13:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FreeDownloadManager.ORG
2008-11-09 13:10 <DIR> --d----- c:\program files\Free Download Manager
2008-11-07 11:50 54,156 a---h--- c:\windows\QTFont.qfn
2008-11-07 11:50 1,409 a------- c:\windows\QTFont.for
2008-10-29 11:24 <DIR> --d----- c:\program files\SEO Elite 4

==================== Find3M ====================

2008-11-16 17:55 <DIR> --d----- c:\program files\Reply Email Automator Setup
2008-11-13 13:22 <DIR> --d----- c:\program files\PopCap Games
2008-11-13 13:22 <DIR> --d----- c:\program files\Real Link Finder
2008-11-13 13:00 <DIR> --d----- c:\program files\LimeWire
2008-11-12 18:56 <DIR> --d----- c:\program files\Keyword Elite
2008-11-12 10:55 143,096 a------- c:\windows\system32\guard32.dll
2008-11-05 10:20 <DIR> --d----- c:\program files\SpywareGuard
2008-10-11 09:06 <DIR> --d----- c:\program files\FreeRIP3
2008-10-11 09:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FreeRIP
2008-10-06 08:02 <DIR> --d----- c:\program files\Windows Media Connect 2
2008-10-05 21:22 <DIR> --d----- c:\docume~1\deb\applic~1\DataCast
2008-10-05 15:14 <DIR> --d----- c:\program files\Lame MP3 Codec
2008-10-05 15:14 65,024 a------- c:\windows\IFinst26.exe
2008-10-05 15:13 <DIR> --d----- c:\program files\XviD
2008-10-05 15:12 <DIR> --d----- c:\program files\MarkAny
2008-10-05 15:12 <DIR> --d----- c:\program files\Samsung
2008-10-02 21:35 <DIR> --d----- c:\program files\Windows NT
2008-10-02 21:34 <DIR> --d----- c:\program files\Messenger
2008-09-15 21:57 1,846,016 -------- c:\windows\system32\win32k.sys
2008-08-26 17:24 826,368 a------- c:\windows\system32\wininet.dll
2008-08-14 10:05 <DIR> --d----- c:\docume~1\deb\applic~1\eBookPro6
2008-07-11 15:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-07-10 14:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\comodo
2008-07-10 13:15 <DIR> --d----- c:\docume~1\deb\applic~1\Comodo
2008-06-18 12:00 <DIR> --d----- c:\docume~1\deb\applic~1\iolo
2008-06-18 12:00 <DIR> --d----- c:\docume~1\alluse~1\applic~1\iolo
2008-05-21 11:42 <DIR> --d----- c:\docume~1\deb\applic~1\Sony
2008-05-18 18:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sony
2008-05-16 16:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-03-30 07:25 <DIR> --d----- c:\docume~1\deb\applic~1\rsvme
2008-01-08 18:32 <DIR> --d----- c:\docume~1\deb\applic~1\Bytescout SWF To Video Scout
2007-12-29 07:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Hagel Technologies
2007-12-24 06:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MSScanAppDataDir
2007-12-17 17:43 <DIR> --d----- c:\docume~1\deb\applic~1\Good Keywords v2
2007-11-23 10:28 <DIR> --d----- c:\docume~1\deb\applic~1\Dcads Advanced Toolbar
2007-04-21 06:53 <DIR> --d----- c:\docume~1\deb\applic~1\SPAMfighter
2007-02-14 15:19 <DIR> --d--r-- c:\docume~1\deb\applic~1\Brother
2007-02-10 22:20 <DIR> --d----- c:\docume~1\deb\applic~1\SWEC_-_Stock_Wrap_Express
2006-11-18 07:49 <DIR> --d----- c:\docume~1\deb\applic~1\Secretmaker
2006-04-06 18:57 <DIR> --d----- c:\docume~1\deb\applic~1\funkitron
2006-02-25 18:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ahead
2006-02-17 08:45 <DIR> --d----- c:\docume~1\deb\applic~1\Publish Providers
2006-02-17 08:45 <DIR> --d----- c:\docume~1\deb\applic~1\NetMedia Providers
2006-02-16 16:01 <DIR> --d----- c:\docume~1\deb\applic~1\MSN6
2006-02-16 15:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MSN6

============= FINISH: 16:56:00.65 ===============