Old 09-30-2008, 08:30 PM   #1 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Slooow!

Really do not know how to describe but to say everything is super slow! I do not know where to start. All of my programs are running really slow. It started suddenly... Please help me!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:42:23 PM, on 9/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CrossBack\bin\bsch.exe
C:\Program Files\CrossBack\jvm\bin\bschJW.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CrossBack\aua\bin\AuaAcb.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CrossBack\aua\jvm\bin\AuaAcbJW.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\dpmw32.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\iprntlgn.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Webroot\Enterprise\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\CrossBack\bin\btray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\KCI\mm2000\MM2000.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\KCI\mm2000\GirRnw\NewGirder\MMKCIGirder.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.espn.go.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.powerquest.com/register/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxyus.konecranes.com:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.64.*;http://citrixagent-na.konecranes.com...s.com;;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON
O4 - HKLM\..\Run: [iPrint Event Monitor] C:\WINDOWS\system32\iprntlgn.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [SpySweeperEnterprise] "C:\Program Files\Webroot\Enterprise\Spy Sweeper\\SpySweeperUI.exe"
O4 - HKLM\..\Run: [AClickBackupManager] C:\Program Files\CrossBack\bin\btray.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1139775983765
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1172102156218
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...23/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ame.konecranes.com
O17 - HKLM\Software\..\Telephony: DomainName = ame.konecranes.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ame.konecranes.com
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Online Backup Scheduler (CrossBack) (AClickBackupScheduler) - Unknown owner - C:\Program Files\CrossBack\bin\bsch.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AutoUpdateAgent (CrossBack) (AutoUpdateAgentACB) - Unknown owner - C:\Program Files\CrossBack\aua\bin\AuaAcb.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 10219 bytes

Moderators Message

Please be considerate of the fact that the people helping you are all volunteers, and in many cases usually have a job, and a limited amount of time to help, and therefore can only do so much. If no one has replied to your thread within 72hrs after you posted, please reply in your thread with the words BUMP, please to move it forward.

DO NOT Bump the thread unless 72 hours has passed. We work from oldest to newest posts so your wait will be longer if you bump it forward before the 72 hours is up. We look for 0 reply, or 1 reply threads to respond to.


Early bump posts will be deleted.

Last edited by TheBruce1 : 10-01-2008 at 07:48 AM.
wolverdawk is offline  
Old 10-23-2008, 08:58 PM   #2 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Re: Slooow!

Bump!!! Still fighting the uphill battle!
wolverdawk is offline  
Old 10-24-2008, 12:32 AM   #3 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 19,747
OS: WinXP and Vista


Re: Slooow!

Hello wolverdawk,

Have you run the online scan at Panda as was instructed in our sticky topic IMPORTANT - Please Read This Before Posting for Malware Removal Help? If so, please post that log in your next reply.

If not, kindly do so now and post the report along with a new HijackThis log.

Also, this appears to be a work computer. Are there other computers networked to this one?
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 10-24-2008, 06:33 AM   #4 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Re: Slooow!

It is a work computer and no other ones networked. I am running the scan now. Thank you for the response.

Last edited by wolverdawk : 10-24-2008 at 06:34 AM.
wolverdawk is offline  
Old 10-24-2008, 05:47 PM   #5 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Re: Slooow!

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-24 18:40:53
PROTECTIONS: 0
MALWARE: 23
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@trafficmp[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@247realmedia[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.247realmedia.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.tribalfusion.com/]
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@revenue[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@com[1].txt
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[stats1.clicktracks.com/]
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[stats1.clicktracks.com/]
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[stats1.clicktracks.com/]
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[stats1.clicktracks.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@azjmp[1].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@toplist[1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.perf.overture.com/]
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@perf.overture[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.bs.serving-sys.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@www.burstbeacon[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\Cookies\cpsjut@server.iad.liveperson[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@advertising[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.ads.pointroll.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.overture.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\Cookies\cpsjut@realmedia[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@realmedia[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.realmedia.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.questionmarket.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.adultfriendfinder.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@go[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\Cookies\cpsjut@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\Local Settings\Temp\Cookies\cpsjut@go[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Cookies\cpsjut@searchportal.information[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.target.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\cpsjut\back up drive\Documents\cpsjut\Application Data\Mozilla\Firefox\Profiles\g85t4q8w.default\cookies.txt[.target.com/]
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
No C:\Program Files\UltraVNC\vnchooks.dll
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
184380 MEDIUM MS08-002
184379 MEDIUM MS08-001
182048 HIGH MS07-069
182046 HIGH MS07-067
182043 HIGH MS07-064
179553 HIGH MS07-061
176382 HIGH MS07-057
176383 HIGH MS07-058
170911 HIGH MS07-050
170907 HIGH MS07-046
170906 HIGH MS07-045
170904 HIGH MS07-043
164915 HIGH MS07-035
164913 HIGH MS07-033
164911 HIGH MS07-031
160623 HIGH MS07-027
157262 HIGH MS07-022
157261 HIGH MS07-021
157260 HIGH MS07-020
157259 HIGH MS07-019
156477 HIGH MS07-017
;===================================================================================================================================================================================
wolverdawk is offline  
Old 10-24-2008, 08:57 PM   #6 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
 
Join Date: Jan 2005
Location: Ohio
Posts: 19,747
OS: WinXP and Vista


Re: Slooow!

Hmmm, nothing but undesirable cookies located on the backup drive. As such, they pose no threat.

I'd like to see a more comprehensive scan. Download RSIT.exe and save it to your desktop.
  • Double click on RSIT.exe to run the tool.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 10-24-2008, 11:19 PM   #7 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Re: Slooow!

info.txt logfile of random's system information tool 1.04 2008-10-25 00:18:51

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3rd Party Installer for QuickQuote 5.2-->C:\KCI\mm2000\QUICKQ~1\Setup.exe /remove /q0
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
ALPS Touch Pad Driver-->C:\Program Files\Apoint\Uninstap.exe ADDREMOVE
Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe
Conductix Quick Quote-->MsiExec.exe /X{408EDB5C-B825-46D9-B0C0-5FB54ACD0F95}
Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -Idel1028p.inf
CrossBack-->"C:\Program Files\CrossBack\unins000.exe"
CutePDF Writer 2.7-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
eDrawings 2008-->MsiExec.exe /I{4E426404-8E81-4F4A-B6D9-1B9CD1487EA9}
Glary Registry Repair 3.0-->"C:\Program Files\Glary Registry Repair\unins000.exe"
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
GroupWise Internet Browser Mail Integration-->C:\Novell\GroupWise\gwmailto.exe /uninstall
GroupWise-->MsiExec.exe /I{E0D23748-FE1D-4C1A-A5A9-6BA8E6884D45}
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format SDK (KB902344)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Hotfix for Windows XP (KB896344)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Hotfix for Windows XP (KB910678)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
HP Image Zone 4.7-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat
HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
KCI Fonts-->MsiExec.exe /I{D436CFC9-B338-4AE3-8CF3-943C105B647B}
Markman2000-->C:\WINDOWS\Markman2000 Uninstaller.exe
MetaFrame Presentation Server Client-->MsiExec.exe /I{DF1D5FEC-D67C-43C8-9230-41F5DF350196}
Microsoft .NET Framework 1.1 Hotfix (KB886903)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 3.0-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{15095BF3-A3D7-4DDF-B193-3A496881E003}
Microsoft Base Smart Card Cryptographic Service Provider Package-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Project MUI (English) 2007-->MsiExec.exe /X{90120000-00B4-0409-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 Trial-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPROR /dll OSETUP.DLL
Microsoft Office Project Professional 2007-->MsiExec.exe /X{91120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
NICI (Shared) U.S./Worldwide (128 bit) (2.7.0-2)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}\Setup.exe" -uninst
NMAS Challenge Response Method-->MsiExec.exe /X{B9A5A789-D491-49FB-958C-BFEC2C11BB1D}
NMAS Client-->MsiExec.exe /I{9B427732-573E-4E78-B6FA-AC3E5A218BA2}
Novell iPrint Client v04.26.00-->C:\WINDOWS\system32\iprint\setupipp.exe /uninstall
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PowerDVD 5.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Windows Media Player (KB911564)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows Media Player 10 (KB911565)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows Media Player 10 (KB917734)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Security Update for Windows XP (KB890046)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB893066)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB893756)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB896358)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB896422)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB896423)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB896424)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB896428)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB899587)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB899589)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB899591)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB900725)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB901017)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB901214)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB902400)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB904706)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB905414)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB905749)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB905915)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB908519)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB911562)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB911567)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB911927)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB912812)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB912919)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB913446)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB913580)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB914388)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB914389)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB916281)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB917159)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB917344)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB917422)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB917953)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Security Update for Windows XP (KB918439)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB918899)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB919007)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Security Update for Windows XP (KB920214)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB920670)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB920683)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB920685)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB921398)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB921883)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB922616)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB922819)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB923191)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB923414)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924191)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB924496)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925486)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Security Update for Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Security Update for Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Security Update for Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Security Update for Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
UltraVNC v1.0.1-->"C:\Program Files\UltraVNC\unins000.exe"
Update for Windows XP (KB894391)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB898461)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB900485)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB900930)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB904942)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB908531)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB910437)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB911280)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB916595)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB920342)-->"C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe"
Update for Windows XP (KB920872)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB922582)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB925876)-->"C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"
Update for Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Windows Communication Foundation-->MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows Media Connect-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows NT Messaging-->RunDll32 setupapi.dll,InstallHinfSection Uninstall 4 MSMail.inf
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation-->MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Hotfix - KB873339-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB883667-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB885250-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB885835-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB885836-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB887472-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB887742-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB887797-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB888113-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB890859-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
Windows XP Hotfix - KB891781-->C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Hosts File======

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Environment variables======

"appsrv"=10.64.10.106
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\system32\nls;%SystemRoot%\system32\nls\ENGLISH;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0f02
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"windir"=%SystemRoot%
"Zen Managed Workstation"=1
"ZFD65"=1
"ZFD7"=1
"QQMM"=C:\Documents and Settings\cpsjut\Start Menu\Programs
"QQMMPath"=C:\KCI\mm2000\QuickQuoteNew
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------
wolverdawk is offline  
Old 10-24-2008, 11:20 PM   #8 (permalink)
Registered User
 
Join Date: Sep 2008
Posts: 7
OS: XP SP2?


Re: Slooow!

Logfile of random's system information tool 1.04 (written by random/random)
Run by cpsjut at 2008-10-25 00:17:51
Microsoft Windows XP Professional Service Pack 2
System drive C: has 87 GB (76%) free of 114 GB
Total RAM: 1014 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:39 AM, on 10/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CrossBack\bin\bsch.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\CrossBack\jvm\bin\bschJW.exe
C:\Program Files\CrossBack\aua\bin\AuaAcb.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CrossBack\aua\jvm\bin\AuaAcbJW.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dpmw32.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\iprntlgn.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Pr