OK- computer has been running really slow, closing windows for no reason, and locking up. I ran all the other spyware programs listed, and wanted to see if anyone can find anything wrong . I have Kaspersky, and nothing has shown up as far as I know.
Thanks in advance for any help.
Wendy
Logfile of HijackThis v1.99.1
Scan saved at 11:15:40 AM, on 7/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\PayPal\PayPal Virtual Debit Card\PayPalVDC.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\PayPal\PAYPAL~1\PPBroker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Wendy Pesce\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Virtual Debit Card\PayPalHelper.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: PayPal Virtual Debit Card - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Virtual Debit Card\OToolbar.dll
O3 - Toolbar: CouponBar - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\WINDOWS\CouponBarIE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [PayPal Virtual Debit Card] C:\Program Files\PayPal\PayPal Virtual Debit Card\PayPalVDC.exe StartUp /dontopenmycards /AutoStart
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Error Scan And Fix] C:\Program Files\Error Scan and Fix\Error Scan And Fix.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm TaskBar Icon - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.ca.com
O15 - Trusted Zone: http://support.f-secure.com
O15 - Trusted Zone: http://usa.kaspersky-labs.com
O15 - Trusted Zone: http://www.kaspersky.com
O15 - Trusted Zone: http://www.pandasecurity.com
O15 - Trusted Zone: http://*.windows.com
O15 - Trusted Zone: http://www.windowsupdate.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://mypoints.worldwinner.com/games/v47/...GamesLoader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209147479437
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4058/ftp...302/Coupons.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab
O16 - DPF: {D4F3F795-7712-4D92-91DF-AEB055D8AC73} (Invoke Solutions Compatibility Test Control) - http://rms2.invokesolutions.com/events/bin...iveCompTest.ocx
O16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} (Invoke Solutions Participant Control(MR)) - http://rms2.invokesolutions.com/events/bin...1445/MILive.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Machine Debug Manager (Machine_Dbg-Mgr) - Unknown owner - C:\WINDOWS\AppPatch\mdm.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Print Spooler Service (y5u2mjeji2) - Unknown owner - C:\WINDOWS\system32\owudc.exe (file missing)
Full Version: HiJack this log
I suggest that you backup any important files & reinstall from scratch.
It's so hard to clean up an infected computer any other way, and impossible to know if you got everything.
It's so hard to clean up an infected computer any other way, and impossible to know if you got everything.
Agree with garsh.
There's really nothing in the log that stands out.
There's really nothing in the log that stands out.
You have alot of programs that automatically start with Windows. How much memory is in the system? It could be that most, if not all, physical memory is being used on startup, so Windows starts using space on the hard drive as virtual memory. This can slow down the computer considerably.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
QUOTE (Alan @ 7-18-08, 3:33pm) 
You have alot of programs that automatically start with Windows. How much memory is in the system? It could be that most, if not all, physical memory is being used on startup, so Windows starts using space on the hard drive as virtual memory. This can slow down the computer considerably.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
I do get a msg quite frequently right now about the virtual memory being full. Forgot to mention that.
here are the numbers under Physical memory:
Total: 514124
Available: changes between 75000-85000
System Cache: 60124
If there are unnecessary start up programs, let me know, and I will see if I can delete them.
Thanks guys.
QUOTE (wendy1214 @ 7-18-08, 12:48pm)
QUOTE (Alan @ 7-18-08, 3:33pm)
You have alot of programs that automatically start with Windows. How much memory is in the system? It could be that most, if not all, physical memory is being used on startup, so Windows starts using space on the hard drive as virtual memory. This can slow down the computer considerably.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
Right click on the taskbar (an empty space to the right of the Start button) and click on Task Manager. Click on the Performance tab. Under the section titled Physical memory it will show the total amount installed in the computer and the amount available. Please post these numbers.
I do get a msg quite frequently right now about the virtual memory being full. Forgot to mention that.
here are the numbers under Physical memory:
Total: 514124
Available: changes between 75000-85000
System Cache: 60124
If there are unnecessary start up programs, let me know, and I will see if I can delete them.
Thanks guys.
I'd say that's your problem right there.
My laptop has 2GB of RAM, and my HiJackThis log isn't nearly that long...and Windows takes a good two minutes or so to fully load.
EDIT: Also, how much free hard drive space do you have? The combination of a small amount of physical memory (RAM) and a small amount of hard drive space could seriously lag your computer.
Last I saw I only had used about 43% of the harddrive space
Have you defragged lately?
I might consider buying some extra RAM and defrag at least once. If that doesn't provide a noticeable speed boost, then I'd probably go ahead and reinstall from scratch.
I mean, we could go through that log and nitpick several processes to kill, but there's a chance that even that won't give you a noticeable speed boost.
I might consider buying some extra RAM and defrag at least once. If that doesn't provide a noticeable speed boost, then I'd probably go ahead and reinstall from scratch.
I mean, we could go through that log and nitpick several processes to kill, but there's a chance that even that won't give you a noticeable speed boost.
Basically you have 512MB RAM (memory) installed and at the time of the posting 75MB-85MB was free. Keep the task manager running and open a couple more programs. You'll see the amount of available memory drop even further, you'll hear alot of hard drive thrashing and the system will slow down as windows uses part of the hard drive as virtual memory.
I'd say a memory upgrade would be a good idea. It may not solve all of the issues, but you might be amazed at the performace increase. IMO, memory is one of the best upgrades you can give your computer.
I'm going on a trip starting tomorrow, so I may not be around much for the next week. However, post the type of computer you have and others will let you know what type of memory is needed....and where to get a great deal (of course)
Alternatively, you can use the memory configurator at crucial.com.
I don't have the time right now to go through the list of startup programs and suggest which ones can be prevented from starting automatically. That would be a temporary fix anyway. As you open multiple programs the 512MB of installed memory will be used very quickly. Try upgrading to 1GB or more if possible.
I'd say a memory upgrade would be a good idea. It may not solve all of the issues, but you might be amazed at the performace increase. IMO, memory is one of the best upgrades you can give your computer.
I'm going on a trip starting tomorrow, so I may not be around much for the next week. However, post the type of computer you have and others will let you know what type of memory is needed....and where to get a great deal (of course)
Alternatively, you can use the memory configurator at crucial.com.
I don't have the time right now to go through the list of startup programs and suggest which ones can be prevented from starting automatically. That would be a temporary fix anyway. As you open multiple programs the 512MB of installed memory will be used very quickly. Try upgrading to 1GB or more if possible.
I'm guessing the machine in question is similar to mine and I did throw more memory at it quickly after purchase. If the OP has a PC that over 2 years, doesn't older memory command higher cost or not?
My start menu is bare bones with an AVG scan at 8 a.m. I see a few virus programs, which may invite conflicts.
My start menu is bare bones with an AVG scan at 8 a.m. I see a few virus programs, which may invite conflicts.
QUOTE (kas @ 7-18-08, 8:20pm)
I'm guessing the machine in question is similar to mine and I did throw more memory at it quickly after purchase. If the OP has a PC that over 2 years, doesn't older memory command higher cost or not?
My start menu is bare bones with an AVG scan at 8 a.m. I see a few virus programs, which may invite conflicts.
My start menu is bare bones with an AVG scan at 8 a.m. I see a few virus programs, which may invite conflicts.
I'm guessing the system uses DDR and not the newer DDR2.
1GB of DDR will run about $20-25 AR, whereas 1GB of DDR2 will run closer to $10AR. Either way, adding an extra gig of RAM should provide a decent speed boost over 512MB.
QUOTE (kas @ 7-18-08, 11:20pm)
If the OP has a PC that over 2 years, doesn't older memory command higher cost or not?
Goos fixes a lot of computers (F&F plan) and always lays out the price difference between upgrading completely and getting new (old) memory.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.